Rahad Chowdhury

**Name of the Vulnerable Software and Affected Versions** Quick.CMS version 6.7 **Description** An issue in the sliders form allows authenticated attackers to inject malicious scripts by submitting payloads through the `sDescription` parameter. This can be achieved by crafting CSRF (Cross-Site Request Forgery) forms—a technique where a victim is tricked into performing an action they did not intend—targeting the 'admin.php?p=sliders-form' endpoint to execute arbitrary JavaScript in the victim's browser. **Recommendations** Avoid using the `sDescription` parameter in the 'admin.php?p=sliders-form' endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Fuel CMS version 1.4.13 **Description** Authenticated attackers can manipulate database queries by injecting SQL code through the `col` parameter in the Activity Log interface. By sending requests to the 'logs' endpoint with malicious SQL payloads in the `col` parameter, attackers can extract database information using blind SQL injection, which is a technique that determines data by observing the time delays in server responses. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** KodExplorer version 4.52 **Description** KodExplorer 4.52 contains an open redirect issue in the user login page. Attackers can manipulate the `link` parameter to redirect users to arbitrary external websites after authentication. The vulnerable endpoint is the user login page. The `link` parameter is susceptible to manipulation. **Recommendations** Apply a fix to sanitize the `link` parameter on the user login page to prevent redirection to arbitrary external websites.

Name of the Vulnerable Software and Affected Versions: Tourism Management System version 2.0 Description: A shell upload issue exists in Tourism Management System 2.0, allowing an attacker to upload and execute arbitrary PHP shell scripts on the server. Successful exploitation can lead to remote code execution and unauthorized access to the system, potentially compromising sensitive data and system functionality. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ChurchCRM version 4.5.4 **Description** The issue is related to Reflected Cross-Site Scripting (XSS) via an image file. This means that an attacker could potentially inject malicious scripts into the website, which would then be executed by the user's browser. **Recommendations** For ChurchCRM version 4.5.4, update to a newer version that contains a fix for this issue, as using outdated versions can pose significant security risks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Bludit version 3.14.1 **Description** The issue is related to Stored Cross Site Scripting (XSS) via an SVG file on the site logo. It's noted that the product's security model trusts users to insert arbitrary content, as they cannot create their own accounts through self-registration. **Recommendations** For Bludit version 3.14.1, consider restricting the upload of SVG files for the site logo to minimize the risk of exploitation. As a temporary workaround, avoid using SVG files for the site logo until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SENAYAN Library Management System (SLiMS) Bulian version 9.5.2 **Description** The issue allows attackers to obtain information such as the user's geolocation and device information because the system does not strip exif data from uploaded images. **Recommendations** For version 9.5.2, consider removing or stripping exif data from uploaded images to prevent information disclosure. As a temporary workaround, restrict image uploads until a proper fix is implemented.

**Name of the Vulnerable Software and Affected Versions** CSZ CMS version 1.2.9 **Description** The issue is related to a Time and Boolean-based Blind SQL Injection. This occurs in the `/admin/export/getcsv/article db` endpoint, specifically through the `fieldS[]` and `orderby` parameters. **Recommendations** For CSZ CMS version 1.2.9, avoid using the `fieldS[]` and `orderby` parameters in the `/admin/export/getcsv/article db` endpoint until a fix is available. As a temporary workaround, consider restricting access to this endpoint to minimize the risk of exploitation.