P1Ckzi

**Name of the Vulnerable Software and Affected Versions** NanoCMS version 0.4 **Description** An authenticated file upload issue allows remote code execution through unvalidated page content creation. Authenticated attackers can upload PHP files containing arbitrary code to the server's pages directory by exploiting the page creation mechanism, which lacks proper input sanitization. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Blink1Control2 versions prior to 2.2.9 **Description** The issue concerns the use of weak password encryption and an insecure method of storage in the Blink1Control2 application. **Recommendations** For versions prior to 2.2.9, update to version 2.2.9 to resolve the issue.