Q1Uf3Ng

**Name of the Vulnerable Software and Affected Versions** Dozzle versions prior to 10.5.2 **Description** The WebSocket upgrader for the '/exec' and '/attach' endpoints accepts upgrade requests from any origin because it uses a custom `CheckOrigin` function that always returns true. When combined with the JWT cookie using `SameSite: Lax`, this allows Cross-Site WebSocket Hijacking (CSWSH). An attacker hosting a page on a same-site origin (such as a sibling subdomain or another service on localhost) can initiate a WebSocket connection to the exec endpoint. This connection carries the victim's valid JWT cookie, allowing the attacker to gain interactive shell access to any container the victim is authorized to access. **Recommendations** Update to version 10.5.2. As a temporary workaround, restrict access to the '/exec' and '/attach' endpoints to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Termix versions prior to 2.1.0 **Description** Termix is a web-based server management platform providing SSH terminal, tunneling, and file editing capabilities. The 'extractArchive' and 'compressFiles' endpoints in file-manager.ts use double-quoted strings for shell command construction. This implementation allows $(command) substitution, which enables command injection on the remote SSH host. **Recommendations** Update to version 2.1.0.

**Name of the Vulnerable Software and Affected Versions** ArchiveBox (affected versions not specified) **Description** The '/add/' endpoint (AddView in `core/views.py`) allows the injection of arbitrary configuration into crawl jobs because the config JSON field is merged without validation. This configuration is subsequently exported as environment variables when archive plugins run, enabling the injection of tool arguments to achieve remote code execution. When the `PUBLIC ADD VIEW` variable is set to True, this can be exploited without authentication, as the endpoint is also `@csrf exempt` (exempt from Cross-Site Request Forgery protection, a mechanism that prevents unauthorized commands from being transmitted from a user the web application trusts). Specifically, the `config` parameter can be used to override keys such as `YTDLP ARGS EXTRA` or `GALLERYDL ARGS EXTRA` to execute arbitrary commands via the `--exec` flag of the respective tools. **Recommendations** As a temporary workaround, set `PUBLIC ADD VIEW` to False to prevent unauthenticated access to the '/add/' endpoint. Restrict the use of the `config` parameter in the '/add/' endpoint until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Vim versions prior to 9.2.0435 **Description** An OS command injection issue exists in the `:find` command-line completion. When the `path` option contains shell commands enclosed in backticks, these commands are executed during file name completion. Since the `path` option lacks the `P SECURE` flag, it can be modified via a modeline. This allows an attacker who controls a file's content to execute arbitrary shell commands if a user opens that file and triggers the `:find` completion. **Recommendations** Update to version 9.2.0435.

**Name of the Vulnerable Software and Affected Versions** Gotenberg versions prior to 8.29.0 **Description** Gotenberg, an API for converting document formats, contains a flaw related to URL scheme handling. A previously implemented fix for CVE-2024-21527 could be bypassed by utilizing mixed-case or uppercase URL schemes, such as `FILE:///etc/passwd` or `File:///etc/passwd`. The issue stems from a case-sensitive regular expression used in the `FilterDeadline` function within `pkg/gotenberg/filter.go`, which does not account for the case-insensitivity of URI schemes as defined in RFC 3986 Section 3.1. This allows attackers to bypass the intended security measures and potentially read arbitrary files from the Gotenberg container. The vulnerability affects both the URL endpoint and HTML conversion processes, including those involving iframes and link tags. The vulnerable code resides in `pkg/modules/chromium/chromium.go`, `pkg/gotenberg/filter.go`, and `pkg/modules/chromium/events.go`. The API endpoint ''/forms/chromium/convert/url'' is affected, utilizing the `url` parameter. **Recommendations** Gotenberg versions prior to 8.29.0 should be updated to version 8.29.0 or later.

**Name of the Vulnerable Software and Affected Versions** Tautulli versions prior to 2.17.0 **Description** Tautulli is a Python-based monitoring and tracking tool for Plex Media Server. Before version 2.17.0, the `str eval()` function within the `notification handler.py` file implemented a sandboxed `eval()` function for notification text templates. The sandbox aimed to restrict callable names by inspecting `code.co names` of the compiled code object. However, `code.co names` only contains names from the outer code object. When a lambda expression was used, it created a nested code object, and attribute accesses were stored in `code.co consts`, not `code.co names`. Consequently, the sandbox did not inspect nested code objects. **Recommendations** Update Tautulli to version 2.17.0 or later.

Piwigo is an open source photo gallery application for the web. Prior to version 16.3.0, the four date filter parameters (f min date available, f max date available, f min date created, f max date created) in ws std image sql filter() are concatenated directly into SQL without any escaping or type validation. This could result in an unauthenticated attacker reading the full database, including user password hashes. This issue has been patched in version 16.3.0.

**Name of the Vulnerable Software and Affected Versions** Froxlor versions prior to 2.3.5 **Description** The `DomainZones.add` API endpoint, accessible to customers with DNS enabled, does not validate the `content` field for specific DNS record types (LOC, RP, SSHFP, TLSA). This allows an attacker to inject newlines and BIND zone file directives, such as `$INCLUDE`, into the zone file. When the DNS rebuild cron job runs, the modified zone file is written to disk. This can lead to information disclosure, DNS service disruption, and potential zone data manipulation. The vulnerable code resides in `lib/Froxlor/Api/Commands/DomainZones.php` (lines 213-214, 253-254, 290-291, 292-293) and `lib/Froxlor/Dns/DnsEntry.php` (line 83), and the zone file is written in `lib/Froxlor/Cron/Dns/Bind.php` (line 121). An example of exploitation involves using the `curl` command with the `DomainZones.add` command and injecting BIND directives into the `content` parameter of a LOC record. The API endpoint is ''/api.php'' and the vulnerable parameter is `content`. **Recommendations** Update Froxlor to version 2.3.5 or later.

**Name of the Vulnerable Software and Affected Versions** SuiteCRM versions prior to 7.15.1 SuiteCRM versions prior to 8.9.3 **Description** SuiteCRM is an open-source Customer Relationship Management (CRM) software application. Prior to versions 7.15.1 and 8.9.3, the `field function` parameter received through POST data in the AOR Reports module is saved directly into the `aor fields` table without validation. Subsequently, when a report is executed or viewed, this value is directly concatenated into a SQL SELECT query without sanitization, leading to a second-order SQL injection. An authenticated user with Reports access can potentially extract arbitrary database contents, including password hashes, API tokens, and configuration values. In MySQL environments with FILE privilege, Remote Code Execution (RCE) may be possible through SELECT INTO OUTFILE. **Recommendations** SuiteCRM versions prior to 7.15.1 should be updated to version 7.15.1 or later. SuiteCRM versions prior to 8.9.3 should be updated to version 8.9.3 or later.

**Name of the Vulnerable Software and Affected Versions** Chartbrew versions prior to 4.8.3 **Description** Chartbrew is a web application that connects to databases and APIs to create charts. Prior to version 4.8.3, an unauthenticated attacker can inject arbitrary SQL into queries executed against connected databases, specifically MySQL and PostgreSQL. This allows an attacker to potentially read, modify, or delete data within those databases, depending on the privileges of the database user. The vulnerable code involves the handling of date-type variables within the `applyMysqlOrPostgresVariables` function. **Recommendations** Versions prior to 4.8.3 should be updated to version 4.8.3 or later.

**Name of the Vulnerable Software and Affected Versions** OpenReplay versions prior to 1.20.0 **Description** OpenReplay is a self-hosted session replay suite. The `/{projectId}/cards/search` API endpoint has a SQL injection issue in the `sort.field` parameter for versions before 1.20.0. The issue allows for potential unauthorized database access or modification through manipulation of the `sort.field` parameter in the specified API endpoint. **Recommendations** Update to version 1.20.0 or later.

**Name of the Vulnerable Software and Affected Versions** OpenClaw versions prior to 2026.2.21 **Description** The software contains an improper URL scheme validation issue in the `assertBrowserNavigationAllowed()` function. Authenticated users with browser-tool access can navigate to file:// URLs, potentially allowing attackers to access local files readable by the OpenClaw process user through browser snapshot and extraction actions, leading to sensitive data exfiltration. The vulnerable component is located in `src/browser/navigation-guard.ts`. The issue arises because the `assertBrowserNavigationAllowed()` function only validated `http:` and `https:` network targets, implicitly allowing other schemes. An attacker with valid gateway credentials and browser-tool access can exfiltrate local files readable by the OpenClaw process user. **Recommendations** OpenClaw versions prior to 2026.2.21 should be updated to version 2026.2.21 or later. Reject unsupported navigation schemes and allow only explicitly safe non-network URLs. OpenClaw now blocks non-network schemes (such as `file:`, `data:`, and `javascript:`) while preserving `about:blank`.

**Name of the Vulnerable Software and Affected Versions** BentoML versions prior to 1.4.36 **Description** BentoML, a Python library used for building online serving systems for AI applications, contains a flaw in the `safe extract tarfile()` function. This function inadequately validates symlink targets within tar files. Specifically, it verifies the symlink's own path but does not check the path to which the symlink points. An attacker can exploit this by crafting a malicious tar file containing a symlink that points to a location outside the intended extraction directory, followed by a regular file. When the tar file is extracted, writing through the symlink can result in arbitrary file write on the host filesystem. The vulnerable code resides in `src/bentoml/ internal/utils/filesystem.py` lines 58-96. The issue is present in all versions containing the `safe extract tarfile()` function. A proof of concept demonstrates the ability to overwrite files, potentially leading to remote code execution, especially in scenarios involving shared bentos or BentoCloud deployments. **Recommendations** Versions prior to 1.4.36 should be updated to version 1.4.36 or later. As a mitigation, validate symlink targets within the `safe extract tarfile()` function to ensure they remain within the intended destination directory. Alternatively, consider using Python 3.12 or later and utilizing the `tar.extractall(filter='data')` method.

**Name of the Vulnerable Software and Affected Versions** NocoDB versions prior to 0.301.3 **Description** NocoDB is software for building databases as spreadsheets. An authenticated user with a Creator role can inject arbitrary SQL code through the `unit` parameter of the DATEADD formula. The third argument (`unit`) of the `DATEADD` function was directly interpolated into `knex.raw()` queries after only stripping quote characters. Validation in `formulas.ts` only checked `Literal` AST node types, allowing non-Literal types to bypass validation. This affects MySQL, PostgreSQL, and SQLite function mappings. Successful exploitation could lead to data exfiltration or modification of the connected database. **Recommendations** Versions prior to 0.301.3 should be updated to version 0.301.3 or later.

**Name of the Vulnerable Software and Affected Versions** Actual versions prior to 26.2.1 **Description** Actual is a local-first personal finance tool. In multi-user mode (OpenID), the sync API endpoints (`/sync/*`) do not verify that the authenticated user owns or has access to the file being operated on. Any authenticated user can read, modify, and overwrite any other user's budget files by providing their file ID. The issue affects the following API endpoints: `/sync/download-user-file`, `/sync/upload-user-file`, `/sync/sync`, `/sync/user-get-key`, `/sync/user-create-key`, `/sync/reset-user-file`, `/sync/update-user-filename`, and `/sync/get-user-file-info`. The `validateSessionMiddleware` confirms user authentication, but endpoints lack checks to ensure the user owns or has access to the file. File IDs can be discovered through various methods, including admin access and user sharing. This allows an attacker to steal financial data, modify budgets, and tamper with encryption keys. **Recommendations** Update to version 26.2.1 or later.

**Name of the Vulnerable Software and Affected Versions** Plane versions prior to 1.2.2 **Description** Plane is an open-source project management tool. The `ProjectAssetEndpoint.patch()` method in `apps/api/plane/app/views/asset/v2.py` (lines 579–593) performs a global asset lookup using only the asset ID (`pk`) via `FileAsset.objects.get(id=pk)`, without verifying that the asset belongs to the workspace and project specified in the URL path. This allows any authenticated user, including those with the GUEST role, to modify the `attributes` and `is uploaded` status of assets belonging to any workspace or project within the Plane instance by guessing or enumerating asset UUIDs. The affected API endpoint is `/api/v1/assets/{id}` where `id` is the asset ID (`pk`). **Recommendations** Versions prior to 1.2.2 should be updated to version 1.2.2 or later.

**Name of the Vulnerable Software and Affected Versions** Mautic versions 4.4.19 through 5.2.9 Mautic versions 6.0.0 through 6.0.7 Mautic versions 7.0.0 through 7.0.0 **Description** A SQL injection issue exists in the API endpoint used for retrieving contact activities. The vulnerability is located in the query construction for the Contact Activity timeline, where the parameter controlling sort direction lacks proper validation against an allowlist. This allows authenticated users to potentially inject arbitrary SQL commands via the API. The vulnerable parameter is related to the sort direction functionality. **Recommendations** Update to Mautic version 4.4.19 or later. Update to Mautic version 5.2.10 or later. Update to Mautic version 6.0.8 or later. Update to Mautic version 7.0.1 or later.

**Name of the Vulnerable Software and Affected Versions** Pimcore versions up to and including 11.5.14.1 and 12.3.2 **Description** Pimcore is an Open Source Data & Experience Management Platform. A critical SQL Injection issue exists in the dependency listing endpoints. The `filter` query parameter is JSON-decoded, and the `value` field is directly concatenated into RLIKE clauses without proper sanitization or the use of parameterized queries. Exploitation requires administrator authentication. An attacker with admin panel access can potentially extract the entire database, including password hashes of other administrator users. The issue is present in the following code locations within `models/Dependency/Dao.php`: `getFilterRequiresByPath()` lines 90, 95, 100 and `getFilterRequiredByPath()` lines 148, 153, 158. The API endpoints affected are: ''/admin/element/get-requires-dependencies'' and ''/admin/element/get-required-by-dependencies''. The vulnerable parameter is `filter` and specifically the `value` field within it. The direct string concatenation occurs as: "AND LOWER(CONCAT(o.path, o.key)) RLIKE ''".$`value`."''". A proof-of-concept (PoC) demonstrates time-based blind SQL injection and error-based extraction of data, including the MySQL version string. **Recommendations** Versions prior to 12.3.3 are affected. Update to version 12.3.3 or later to resolve this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SillyTavern versions prior to 1.16.0 **Description** SillyTavern is a locally installed user interface for interacting with large language models, image generation engines, and text-to-speech voice models. A Server-Side Request Forgery (SSRF) exists in the asset download endpoint for versions prior to 1.16.0. This allows authenticated users to make arbitrary HTTP requests from the server and read the full response body, potentially exposing internal services, cloud metadata, and private network resources. The issue is addressed by a whitelist domain check for asset download requests introduced in version 1.16.0, configurable via the `whitelistImportDomains` array in the `config.yaml` file. **Recommendations** Upgrade to SillyTavern version 1.16.0 or later. Review and customize the `whitelistImportDomains` array in the `config.yaml` file to ensure appropriate domain restrictions.

**Name of the Vulnerable Software and Affected Versions** Craft CMS versions 5.6.0 through 5.9.10 **Description** Craft CMS is a content management system (CMS). A flaw exists in the way settings are processed, specifically within the `EntryTypesController.php` file. The `$settings` array, derived from `parse str`, is directly passed to `Craft::configure()` without proper sanitization using `Component::cleanseConfig()`. This allows for the injection of Yii2 behavior and event handlers through keys prefixed with 'as' or 'on', mirroring a previously identified attack vector. Successful exploitation requires administrator permissions within the Craft control panel and the `allowAdminChanges` setting to be enabled. An attacker can leverage this to achieve Remote Code Execution (RCE) using the same gadget chain as the original advisory. **Recommendations** Versions 5.6.0 through 5.9.10 should be updated to version 5.9.11.