Raynlight

**Name of the Vulnerable Software and Affected Versions** NetExec versions prior to 1.5.1 **Description** NetExec is a network execution tool. The spider plus module does not properly handle file paths when saving files from SMB shares, specifically failing to account for path traversal characters like `../` in Linux SMB shares. This allows an attacker to craft a filename containing these characters, potentially leading to arbitrary file overwrites or creation during file downloads performed by the spider plus module. The issue is addressed in version 1.5.1. **Recommendations** Versions prior to 1.5.1 should be updated to version 1.5.1 or later. As a workaround, avoid running spider plus with DOWNLOAD=true against targets.

**Name of the Vulnerable Software and Affected Versions** Phishing Club versions prior to 1.30.2 **Description** Phishing Club is a phishing simulation and man-in-the-middle framework. An authenticated SQL injection issue exists in the GetOrphaned recipient listing endpoint. The endpoint builds a SQL query and adds the user-controlled `sortBy` value directly into the ORDER BY clause without proper validation. Unknown values are passed through the `RemapOrderBy()` function, allowing an authenticated attacker to inject SQL expressions into the `ORDER BY` clause. The issue was addressed by validating the order-by column against an allowlist and removing unknown mappings. The vulnerable endpoint is '/GetOrphaned'. **Recommendations** Update to version 1.30.2 or later.