Qiantx

Name of the Vulnerable Software and Affected Versions: Dinstar Monitoring Platform version 1.0 Description: A critical vulnerability exists in Dinstar Monitoring Platform 甘肃省危险品库监控平台. The issue is a SQL injection vulnerability stemming from the manipulation of the `userBean.loginName` argument within an unknown function of the file `/itc/$%7BappPath%7D/login getPasswordErrorNum.action`. This allows for remote exploitation. The exploit has been publicly disclosed. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Kehua Charging Pile Cloud Platform version 1.0 **Description** A critical vulnerability exists in Kehua Charging Pile Cloud Platform 1.0. The issue involves a SQL injection affecting an unknown part of the `/sys/task/findAllTask` file. This allows for remote exploitation. The exploit has been publicly disclosed. The vendor was contacted regarding this disclosure but did not respond. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Kehua Charging Pile Cloud Platform version 1.0 **Description** A critical issue exists within Kehua Charging Pile Cloud Platform 1.0, related to improper authentication. The vulnerability affects unknown code within the `/home` file and can be exploited remotely. The exploit for this issue has been publicly disclosed. The vendor was informed of the disclosure but did not respond. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Chanjet CRM version 1.0 **Description** A critical vulnerability exists in Chanjet CRM 1.0. The issue is related to SQL injection within an unknown functionality of the file `/mail/mailinactive.php` of the Login Page component. This allows for remote attacks. The exploit for this issue has been publicly disclosed. **Recommendations** Chanjet CRM version 1.0: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Beijing Shenzhou Shihan Technology Multimedia Integrated Business Display System versions up to 8.2 **Description** A critical vulnerability exists in Beijing Shenzhou Shihan Technology Multimedia Integrated Business Display System. The vulnerability is due to SQL injection in the `/admin/system/structure/getdirectorydata/web/baseinfo/companyManage` file. Manipulation of the `Struccture ID` argument allows for remote exploitation. The exploit has been publicly disclosed. **Recommendations** Versions prior to 8.3: At the moment, there is no information about a newer version that contains a fix for this vulnerability.