Digium · Quicklert For Digium · CVE-2021-43969
**Name of the Vulnerable Software and Affected Versions**
Quicklert for Digium version 10.0.0 (1043)
**Description**
The `uname` parameter of the login.jsp page is vulnerable to blind SQL injection, both out-of-band (DNS interaction) and time-based. Exploitation can disclose all data within the database, including administrative accounts' login IDs and passwords.
**Recommendations**
For Quicklert for Digium version 10.0.0 (1043), consider restricting access to the login.jsp page until a fix is available. As a temporary workaround, avoid using the `uname` parameter in the login.jsp page to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
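While access to login.jsp is being restricted, existing web logs can be triaged for requests that fit the two blind techniques described above. The following is an added example, not code from the vendor or the advisory. It assumes a constructed log format (client IP, request line, status, elapsed milliseconds), that `uname` is visible in the query string, and a hypothetical username allowlist and latency threshold.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Assumption: legitimate usernames are short and use only these characters.
UNAME_OK = re.compile(r"[A-Za-z0-9._@-]{1,64}")
# Assumption: a login taking this long is worth review, since time-based
# blind injection shows up as delayed responses.
SLOW_MS = 3000
# Constructed log format: ip "METHOD target HTTP/x" status elapsed_ms
LINE = re.compile(r'^(\S+) "(\S+) (\S+) [^"]*" (\d{3}) (\d+)$')

def triage(lines):
    """Return (ip, reasons) for each suspicious login.jsp request."""
    findings = []
    for line in lines:
        m = LINE.match(line.strip())
        if not m:
            continue
        ip, _method, target, _status, elapsed = m.groups()
        url = urlsplit(target)
        if not url.path.endswith("/login.jsp"):
            continue
        reasons = []
        # parse_qs percent-decodes values, so encoded metacharacters are seen.
        values = parse_qs(url.query, keep_blank_values=True).get("uname", [])
        if any(not UNAME_OK.fullmatch(v) for v in values):
            reasons.append("uname outside allowlist")
        if int(elapsed) >= SLOW_MS:
            reasons.append("slow response")
        if reasons:
            findings.append((ip, reasons))
    return findings

# Constructed sample lines (documentation IP ranges, not real traffic).
SAMPLE = [
    '192.0.2.10 "GET /login.jsp?uname=alice HTTP/1.1" 200 41',
    '198.51.100.7 "GET /login.jsp?uname=bob%27%3B HTTP/1.1" 200 5012',
    '192.0.2.10 "GET /index.jsp HTTP/1.1" 200 12',
    '203.0.113.5 "GET /login.jsp?uname=carol HTTP/1.1" 200 4100',
]

if __name__ == "__main__":
    for ip, reasons in triage(SAMPLE):
        print(ip, ", ".join(reasons))
```

If the login form submits `uname` in a POST body, the same check needs request-body logging or a reverse proxy in front of the application. The out-of-band (DNS) variant is better caught in the database host's outbound DNS logs.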