Rceraser

**Name of the Vulnerable Software and Affected Versions** Tongda OA version 2017 11.10 **Description** A critical vulnerability was found in Tongda OA, affecting the file general/system/approve center/flow guide/flow type/set print/delete.php. The manipulation of the `DELETE STR` argument leads to SQL injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For Tongda OA version 2017 11.10, as a temporary workaround, consider restricting access to the `delete.php` file in the `general/system/approve center/flow guide/flow type/set print` directory until a patch is available. Avoid using the `DELETE STR` argument in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tongda OA 2017 version 11.10 **Description** A critical issue has been found in the software. It affects an unknown function of the file general/hr/salary/welfare manage/delete.php. The manipulation of the `WELFARE ID` argument leads to sql injection. This issue can be exploited remotely. **Recommendations** For Tongda OA 2017 version 11.10, consider restricting access to the vulnerable file general/hr/salary/welfare manage/delete.php until a patch is available. As a temporary workaround, avoid using the `WELFARE ID` argument in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** ForU CMS (affected versions not specified) **Description** A problematic vulnerability was found in ForU CMS, affecting unknown code of the file /admin/cms admin.php. The manipulation of the `del` argument leads to denial of service. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tongda OA version 2017 **Description** A critical issue was found in Tongda OA, affecting some unknown functionality of the file general/hr/manage/staff relatives/delete.php. The manipulation of the `RELATIVES ID` argument leads to SQL injection. **Recommendations** For Tongda OA version 2017, consider restricting access to the vulnerable file general/hr/manage/staff relatives/delete.php to minimize the risk of exploitation. As a temporary workaround, avoid using the `RELATIVES ID` argument in the affected functionality until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** IBOS OA version 4.5.5 **Description** A critical issue was found in IBOS OA, affecting an unknown part of the file `?r=dashboard/position/del`. This issue leads to sql injection and can be initiated remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For IBOS OA version 4.5.5, at the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to the `?r=dashboard/position/del` endpoint until a patch is available. Avoid using this endpoint in your applications until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** IBOS OA version 4.5.5 **Description** A critical vulnerability was found in the Delete Draft Handler component, affecting an unknown part of the file at the endpoint "?r=email/api/delDraft&archiveId=0". The manipulation leads to SQL injection, and it is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For IBOS OA version 4.5.5, as a temporary workaround, consider restricting access to the Delete Draft Handler component until a patch is available. Avoid using the endpoint "?r=email/api/delDraft&archiveId=0" in the affected API until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Byzoro Smart S85F Management Platform versions up to 20230807 Beijing Baichuo Smart S85F Management Platform versions up to 20230807 **Description** A critical issue has been found, affecting an unknown functionality of the file /log/decodmail.php. The manipulation of the `file` argument leads to command injection. This issue can be exploited remotely. **Recommendations** For Byzoro Smart S85F Management Platform versions up to 20230807, consider restricting access to the /log/decodmail.php file until a patch is available. For Beijing Baichuo Smart S85F Management Platform versions up to 20230807, consider restricting access to the /log/decodmail.php file until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Byzoro Smart S85F Management Platform versions up to 20230722 **Description** A critical issue affects the processing of the file importhtml.php, where the manipulation of the `sql` argument leads to command injection. The attack can be initiated remotely. The exploit has been disclosed publicly. **Recommendations** For versions up to 20230722, as a temporary workaround, consider restricting access to the importhtml.php file until a patch is available. Avoid using the `sql` argument in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Chengdu Flash Flood Disaster Monitoring and Warning System version 2.0 **Description** A critical issue has been discovered, affecting the /App Resource/UEditor/server/upload.aspx file, where the manipulation of the `file` argument leads to unrestricted upload. The exploit details are publicly available. **Recommendations** For Chengdu Flash Flood Disaster Monitoring and Warning System version 2.0, as a temporary workaround, consider restricting access to the upload.aspx file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Ruijie RG-BCR860 version 2.5.13 **Description** A critical issue affects the Network Diagnostic Page component, leading to os command injection through unknown processing. This can be exploited remotely. **Recommendations** For Ruijie RG-BCR860 version 2.5.13, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Ruijie RG-EW1200G version EW 3.0(1)B11P204 **Description** A critical issue has been found, affecting the Admin Password Handler component, specifically the file app.09df2a9e44ab48766f5f.js. This leads to improper access controls, and the attack can be initiated remotely. The exploit has been disclosed publicly, and the vendor was contacted but did not respond. **Recommendations** For Ruijie RG-EW1200G version EW 3.0(1)B11P204, as a temporary workaround, consider restricting access to the Admin Password Handler component until a patch is available. Additionally, restrict remote access to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Dahua Smart Parking Management versions up to 20230528 **Description** The issue is related to insufficient checking of incoming requests in the /ipms/imageConvert/image file of the Dahua Smart Parking Management system. This can allow a remote attacker to perform a server-side request forgery (SSRF) attack by manipulating the `fileUrl` argument. The exploit has been publicly disclosed, and the vendor was contacted but did not respond. **Recommendations** For versions up to 20230528, as a temporary workaround, consider restricting access to the /ipms/imageConvert/image file to minimize the risk of exploitation. Avoid using the `fileUrl` argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Supcon SimField versions up to 1.80.00.00 **Description** A critical issue has been found in Supcon SimField, affecting some unknown functionality of the file "/admin/reportupload.aspx". The manipulation of the argument `files[]` leads to unrestricted upload. The attack can be launched remotely. The issue has been publicly disclosed and may be exploited. **Recommendations** For versions up to 1.80.00.00, as a temporary workaround, consider restricting access to the "/admin/reportupload.aspx" file to minimize the risk of exploitation. Avoid using the `files[]` argument in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Tongda OA version 11.10 **Description** A critical vulnerability has been found in Tongda OA, affecting the `actionGetdata` function of the `GatewayController.php` file. This vulnerability leads to unrestricted upload and can be initiated remotely. The exploit has been disclosed to the public. The vendor was contacted about this disclosure but did not respond. **Recommendations** For Tongda OA version 11.10, as a temporary workaround, consider disabling the `actionGetdata` function of the `GatewayController.php` file until a patch is available. Restrict access to the `GatewayController.php` file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Weaver E-Office version 9.5 **Description** The issue is related to the absence of restrictions on file uploads in the App/Ajax/ajax.php?action=mobile upload save component of the Weaver E-Office platform. This allows a remote attacker to upload arbitrary files, potentially impacting the confidentiality, integrity, and availability of protected information. The manipulation of the `upload quwan` argument leads to unrestricted upload. The attack can be launched remotely. **Recommendations** For Weaver E-Office version 9.5, as a temporary workaround, consider restricting access to the "App/Ajax/ajax.php?action=mobile upload save" endpoint to minimize the risk of exploitation. Avoid using the `upload quwan` argument in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.