Red88-Debug

**Name of the Vulnerable Software and Affected Versions** MetaCRM version 6.4.0 **Description** An unrestricted upload issue exists in the file 'develop/systparam/softlogo/upload.jsp'. This flaw allows a remote attacker to upload files without proper restrictions through an unknown function within that file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MetaCRM versions prior to 6.4.0 Beta06 **Description** An unrestricted file upload issue exists in the file '/common/jsp/upload3.jsp'. A remote attacker can exploit this by manipulating the `File` argument, allowing the upload of unauthorized files. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability. Restrict access to the file '/common/jsp/upload3.jsp' to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Shandong Hoteam Software PDM Product Data Management System versions prior to 8.3.10 **Description** A remote SQL injection can be initiated through the manipulation of the `SortOrder` argument. This issue affects the `GetQueryMachineGridOnePageData()` function within the '/Base/BaseService.asmx/DataService' endpoint. **Recommendations** Upgrade to version 8.3.10. As a temporary workaround, restrict access to the '/Base/BaseService.asmx/DataService' endpoint or avoid using the `SortOrder` argument until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Acrel Electrical ECEMS Enterprise Microgrid Energy Efficiency Management System version 1.3.0 **Description** A remote SQL injection flaw exists in an unknown function within the file '/SubstationWEBV2/main/elecMaxMinAvgValue'. This issue occurs when the `fCircuitids` argument is manipulated, allowing an attacker to execute arbitrary SQL commands. SQL injection is a technique where malicious SQL statements are inserted into entry fields for execution, potentially allowing unauthorized access to or modification of the database. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, restrict access to the file '/SubstationWEBV2/main/elecMaxMinAvgValue' or avoid using the `fCircuitids` parameter to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform version 1.3.0 **Description** An unauthenticated remote SQL injection exists in the '/SubstationWEBV2/main/elecMaxMinAvgValue' endpoint. The issue occurs when the `fCircuitids` argument is manipulated, allowing attackers to extract operational data and manipulate power data directly. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, restrict access to the '/SubstationWEBV2/main/elecMaxMinAvgValue' endpoint to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Tiandy Easy7 Integrated Management Platform versions up to 7.17.0 **Description** A flaw exists in the Configuration Handler component of Tiandy Easy7 Integrated Management Platform. Specifically, the issue resides in the `/Easy7/apps/WebService/ImportSystemConfiguration.jsp` file. Manipulation of the `File` argument can result in operating system command injection. This allows for remote attacks. The exploit for this issue has been publicly disclosed. **Recommendations** Versions prior to 7.17.0 should be used.

**Name of the Vulnerable Software and Affected Versions** Tiandy Video Surveillance System version 7.17.0 **Description** A security issue exists in Tiandy Video Surveillance System that allows for unrestricted file uploads. This is due to the manipulation of the `fileName` argument within the `uploadFile` function located in the `/src/com/tiandy/easy7/core/rest/CLS REST File.java` file. The attack can be initiated remotely. The exploit has been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tiandy Video Surveillance System version 7.17.0 **Description** A security flaw exists in Tiandy Video Surveillance System. The issue is related to server-side request forgery, stemming from manipulation of the `urlPath` argument within the `downloadImage` function located in the file /com/tiandy/easy7/core/bo/CLSBODownLoad.java. The vulnerability is remotely exploitable, and the exploit has been publicly released. The vendor was notified but did not respond. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Huace Monitoring and Early Warning System version 2.2 **Description** A weakness exists in Huace Monitoring and Early Warning System 2.2, specifically within an unknown functionality of the `/Web/SysManage/ProjectRole.aspx` file. Manipulating the `ID` argument can lead to a SQL injection. The attack can be launched remotely, and an exploit has been publicly released. The vendor was contacted regarding this issue but did not respond. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Sciyon Koyuan Thermoelectricity Heat Network Management System version 3.0 **Description** A security issue exists in Sciyon Koyuan Thermoelectricity Heat Network Management System 3.0. The manipulation of the `PGUID` argument in the file '/SISReport/WebReport20/Proxy/AsyncTreeProxy.aspx' can lead to SQL injection. This issue can be exploited remotely. The exploit has been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.