Onurhan Erdogdu

**Name of the Vulnerable Software and Affected Versions** Identity and Directory Management System versions prior to 2.1.25 **Description** The issue is related to an unauthenticated Path traversal vulnerability in the Identity and Directory Management System. This vulnerability has been fixed in version 2.1.25. **Recommendations** For versions prior to 2.1.25, update to version 2.1.25 to resolve the issue.

Name of the Vulnerable Software and Affected Versions: Ipack SCADA Software versions prior to 1.1.0 Description: The issue is related to improper handling of parameters, allowing Blind SQL Injection. This can potentially be exploited to extract or modify sensitive data from the database. Recommendations: For versions prior to 1.1.0, update to version 1.1.0 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive database operations to minimize the risk of exploitation. Avoid using user-supplied input in SQL queries until the issue is resolved.