Ramikan

**Name of the Vulnerable Software and Affected Versions** Xinuos (formerly SCO) Openserver versions v5 and v6 **Description** The issue allows attackers to execute arbitrary commands via shell metacharacters in the `outputform` or `toclevels` parameter to "cgi-bin/printbook". **Recommendations** For Xinuos (formerly SCO) Openserver versions v5 and v6, consider restricting access to the "cgi-bin/printbook" endpoint until a patch is available. As a temporary workaround, avoid using the `outputform` and `toclevels` parameters in the affected endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Xinuo Openserver versions 5 and 6 **Description** A reflected Cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML tag via the parameter `section`. This enables attackers to potentially execute malicious scripts on the victim's browser. **Recommendations** For Xinuo Openserver version 5: Update to a version that fixes this issue. For Xinuo Openserver version 6: Update to a version that fixes this issue. As a temporary workaround, consider restricting access to the `section` parameter to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Spiceworks version 7.5.7.0 **Description** The issue allows an attacker to perform a Host Header Injection, enabling them to render arbitrary links that point to a malicious website with poisoned Host header webpages. **Recommendations** For Spiceworks version 7.5.7.0, consider restricting access to the Host Header Injection feature until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Kirona Dynamic Resource Scheduling (DRS) version 5.5.3.5 **Description** An issue in Kirona Dynamic Resource Scheduling (DRS) allows an unauthenticated user to access the "/osm/REGISTER.cmd" (also known as "/osm tiles/REGISTER.cmd") endpoint directly. This endpoint contains sensitive information about the database through SQL queries within the batch file, exposing details such as database version, table name, and column name. **Recommendations** For version 5.5.3.5, consider restricting access to the "/osm/REGISTER.cmd" endpoint to prevent unauthorized users from accessing sensitive database information. As a temporary workaround, restrict access to this endpoint until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Kirona Dynamic Resource Scheduling (DRS) version 5.5.3.5 **Description** A reflected Cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script. This is achieved via the "password" parameter in the "/osm/report/" API endpoint. **Recommendations** For version 5.5.3.5, avoid using the `password` parameter in the "/osm/report/" API endpoint until the issue is resolved. As a temporary workaround, consider restricting access to this endpoint to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Embedthis GoAhead version 2.5.0 **Description** An issue was discovered where certain pages, such as "goform/login" and "config/log off page.htm", create links containing a hostname obtained from an arbitrary HTTP Host header sent by an attacker. This could potentially be used in a phishing attack. **Recommendations** For Embedthis GoAhead version 2.5.0, consider restricting access to the affected pages, such as "goform/login" and "config/log off page.htm", until a patch is available. As a temporary workaround, avoid using the arbitrary HTTP Host header to generate links on these pages.

**Name of the Vulnerable Software and Affected Versions** Salicru SLC-20-cube3(5) devices running firmware version cs121-SNMP v4.54.82.130611 **Description** A reflected HTML injection issue allows remote attackers to inject arbitrary HTML elements via specific API endpoints, including `/DataLog.csv?log=`, `/AlarmLog.csv?log=`, `/waitlog.cgi?name=`, `/chart.shtml?data=`, or `/createlog.cgi?name=` requests. **Recommendations** For Salicru SLC-20-cube3(5) devices running firmware version cs121-SNMP v4.54.82.130611, consider restricting access to the vulnerable API endpoints, such as `/DataLog.csv?log=`, `/AlarmLog.csv?log=`, `/waitlog.cgi?name=`, `/chart.shtml?data=`, and `/createlog.cgi?name=`, until a patch is available. Avoid using these endpoints with untrusted input to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** ShoreTel Connect ONSITE versions prior to 19.49.1500.0 **Description** A reflected Cross-site scripting issue allows remote attackers to inject arbitrary web script or HTML via the `brandUrl` parameter. **Recommendations** For versions prior to 19.49.1500.0, update to version 19.49.1500.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** ShoreTel Connect ONSITE version 19.45.1602.0 **Description** A reflected Cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the `url` parameter. This enables attackers to potentially execute malicious scripts on the victim's browser. **Recommendations** For ShoreTel Connect ONSITE version 19.45.1602.0, consider restricting access to the vulnerable parameter `url` to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ShoreTel Connect ONSITE version 18.82.2000.0 **Description** A reflected Cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the `page` parameter. This is related to the lack of protection measures for the web page structure in Mitel Connect OnSite conferencing systems, which can be exploited by a remote attacker to inject arbitrary web script or HTML code. **Recommendations** For ShoreTel Connect ONSITE version 18.82.2000.0, as a temporary workaround, consider restricting access to the `page` parameter in the affected API endpoint until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.