Nn0Nkey

**Name of the Vulnerable Software and Affected Versions** Dokploy versions prior to 0.26.7 **Description** Dokploy is a self-hostable Platform as a Service (PaaS) that contains a command injection issue. Authenticated users can execute arbitrary commands with root privileges via the '/docker-container-logs' WebSocket endpoint. This occurs because the `tail` and `since` parameters are not validated and are directly concatenated into shell commands. **Recommendations** Update to a version later than 0.26.6. Avoid using the `tail` and `since` parameters in the '/docker-container-logs' endpoint until the update is applied.

**Name of the Vulnerable Software and Affected Versions** MindsDB versions prior to 26.01 **Description** A remote deserialization issue exists within the Pickle Handler component. The flaw occurs during the execution of the `pickle.loads()` function, allowing an attacker to manipulate data to achieve deserialization. **Recommendations** Update to a version later than 26.01. As a temporary workaround, restrict the use of the `pickle.loads()` function within the Pickle Handler component.

**Name of the Vulnerable Software and Affected Versions** MindsDB versions prior to 26.01 **Description** A weakness in the Engine Handler component allows for unrestricted file upload. This issue occurs within the `exec()` function located in the `mindsdb/integrations/handlers/byom handler/proc wrapper.py` file and can be exploited remotely. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Qiyuesuo Eelectronic Signature Platform versions up to 4.34 Description: A critical issue exists in Qiyuesuo Eelectronic Signature Platform, potentially allowing for unrestricted file uploads. The `execute` function within the `/api/code/upload` file of the Scheduled Task Handler component is affected. Manipulation of the `File` argument can lead to exploitation. The exploit has been publicly disclosed. Recommendations: Versions prior to 4.34: As a temporary workaround, consider restricting access to the `/api/code/upload` endpoint until a patch is available. Versions prior to 4.34: Avoid uploading untrusted files through the affected endpoint.

**Name of the Vulnerable Software and Affected Versions** DataGear versions up to 4.60 **Description** A critical issue affects the unknown code of the file /dataSet/resolveSql, where the manipulation of the `sql` argument leads to sql injection. The attack can be initiated remotely. Upgrading to version 4.7.0 addresses this issue. **Recommendations** For DataGear versions up to 4.60, upgrade to version 4.7.0 to address the issue. As a temporary workaround, consider restricting access to the /dataSet/resolveSql file to minimize the risk of exploitation. Avoid using the `sql` argument in the affected file until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** EyouCMS version 1.51 **Description** A critical issue affects the function `editFile` of the file `application/admin/logic/FilemanagerLogic.php`. The manipulation of the argument `activepath` leads to path traversal. The attack may be initiated remotely. The vendor was contacted early about this disclosure but did not respond in any way. **Recommendations** For EyouCMS version 1.51, as a temporary workaround, consider disabling the `editFile` function until a patch is available. Restrict access to the `FilemanagerLogic.php` file to minimize the risk of exploitation. Avoid using the argument `activepath` in the affected function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Thinkphp versions 6.1.3 through 8.0.4 **Description** A deserialization issue in the controllerIndex.php component allows attackers to execute arbitrary code. **Recommendations** For versions 6.1.3 through 8.0.4, update to a version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** SeaCMS version 12.9 **Description** A cross-site scripting (XSS) issue in the admin collect news.php component allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the `siteurl` parameter. **Recommendations** For SeaCMS version 12.9, consider disabling access to the admin collect news.php component until a patch is available. Restrict the use of the `siteurl` parameter to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** SeaCMS version 12.9 **Description** A SQL injection vulnerability was discovered in SeaCMS via the `id` parameter at the "/dmplayer/dmku/index.php?ac=del" endpoint. This issue allows for potential SQL injection attacks. **Recommendations** For SeaCMS version 12.9, consider disabling the `id` parameter in the "/dmplayer/dmku/index.php?ac=del" endpoint as a temporary workaround until a patch is available. Restrict access to this endpoint to minimize the risk of exploitation. Avoid using the `id` parameter in this endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** SeaCMS version 12.9 **Description** A cross-site scripting (XSS) vulnerability in the `admin datarelate.php` component allows attackers to execute arbitrary web scripts or HTML via a crafted payload. This issue enables attackers to run any web script or HTML, potentially leading to unauthorized actions on the affected system. **Recommendations** For SeaCMS version 12.9, consider disabling the `admin datarelate.php` component until a patch is available to prevent exploitation of the XSS vulnerability. Restrict access to this component to minimize the risk of exploitation. Avoid using any potentially vulnerable functions or parameters within the `admin datarelate.php` component until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Seacms version 13.1 **Description** The issue allows attackers to control IP parameters written to the data/admin/ip.php file when the action is set, potentially resulting in arbitrary command execution. This occurs due to a vulnerability in the admin ip.php file in Seacms version 13.1. **Recommendations** For Seacms version 13.1, consider disabling the `admin ip.php` file or restricting access to it until a patch is available to prevent attackers from controlling IP parameters and potentially executing arbitrary commands.

Name of the Vulnerable Software and Affected Versions: SourceCodester Computer Laboratory Management System version 1.0 Description: A critical issue has been found in the function `delete category` of the file `/classes/Master.php?f=delete category`. The manipulation of the argument `id` leads to SQL injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Recommendations: For SourceCodester Computer Laboratory Management System version 1.0, consider disabling the `delete category` function until a patch is available. Restrict access to the `/classes/Master.php?f=delete category` endpoint to minimize the risk of exploitation. Avoid using the `id` argument in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** SeaCMS version 12.9 **Description** A cross-site scripting (XSS) issue in the admin ads.php component allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the `ad description` parameter. This enables attackers to run any web scripts or HTML. **Recommendations** For SeaCMS version 12.9, consider disabling the `admin ads.php` component or restricting access to it until a patch is available. Avoid using the `ad description` parameter in the affected component to minimize the risk of exploitation.