Rekter0

**Name of the Vulnerable Software and Affected Versions** QNAP QTS versions prior to 5.1.3.2578 build 20231110 QNAP QuTS hero versions prior to 5.1.3.2578 build 20231110 **Description** An OS command injection issue affects QNAP operating system versions, potentially allowing authenticated administrators to execute commands via a network. The vulnerability is related to the failure to neutralize special elements used in OS commands, which could enable a remote attacker to execute arbitrary commands using specially crafted data. **Recommendations** For QNAP QTS versions prior to 5.1.3.2578 build 20231110, update to QTS 5.1.3.2578 build 20231110 or later. For QNAP QuTS hero versions prior to 5.1.3.2578 build 20231110, update to QuTS hero h5.1.3.2578 build 20231110 or later.

**Name of the Vulnerable Software and Affected Versions** QuMagie versions prior to 2.1.3 **Description** An OS command injection issue has been reported, potentially allowing authenticated users to execute commands via a network. **Recommendations** For versions prior to 2.1.3, update to QuMagie 2.1.3 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** QuMagie versions prior to 2.1.4 **Description** A SQL injection issue has been reported, potentially allowing authenticated users to inject malicious code via a network. **Recommendations** For versions prior to 2.1.4, update to QuMagie 2.1.4 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** QuMagie versions prior to 2.1.4 **Description** A SQL injection issue has been reported, potentially allowing authenticated users to inject malicious code via a network. **Recommendations** For versions prior to 2.1.4, update to QuMagie 2.1.4 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** QNAP QTS versions prior to 5.1.4.2596 build 20231128 QNAP QuTS hero versions prior to h5.1.4.2596 build 20231128 QNAP QuTScloud versions prior to c5.1.5.2651 **Description** The issue is related to an OS command injection vulnerability that could allow authenticated administrators to execute commands via a network. This vulnerability is due to the lack of measures to neutralize special elements used in the OS command. If exploited, it may allow a remote attacker to execute arbitrary commands. **Recommendations** For QNAP QTS versions prior to 5.1.4.2596 build 20231128, update to QTS 5.1.4.2596 build 20231128 or later. For QNAP QuTS hero versions prior to h5.1.4.2596 build 20231128, update to QuTS hero h5.1.4.2596 build 20231128 or later. For QNAP QuTScloud versions prior to c5.1.5.2651, update to QuTScloud c5.1.5.2651 or later.

**Name of the Vulnerable Software and Affected Versions** QTS versions prior to 5.1.4.2596 build 20231128 QuTS hero versions prior to h5.1.4.2596 build 20231128 QuTScloud versions prior to c5.1.5.2651 **Description** The issue is related to a lack of measures to neutralize special elements used in the operating system command, which could allow a remote attacker to execute arbitrary commands. This is an OS command injection vulnerability that could be exploited by authenticated administrators to execute commands via a network. **Recommendations** For QTS versions prior to 5.1.4.2596 build 20231128, update to version 5.1.4.2596 build 20231128 or later. For QuTS hero versions prior to h5.1.4.2596 build 20231128, update to version h5.1.4.2596 build 20231128 or later. For QuTScloud versions prior to c5.1.5.2651, update to version c5.1.5.2651 or later.

**Name of the Vulnerable Software and Affected Versions** QTS versions prior to 5.1.4.2596 build 20231128 QuTS hero versions prior to h5.1.4.2596 build 20231128 QuTScloud versions prior to c5.1.5.2651 **Description** The issue is related to a lack of measures to neutralize special elements used in the operating system command. This could allow a remote attacker to execute arbitrary commands. The vulnerability affects several QNAP operating system versions and can be exploited by authenticated administrators via a network. **Recommendations** For QTS versions prior to 5.1.4.2596 build 20231128, update to version 5.1.4.2596 build 20231128 or later. For QuTS hero versions prior to h5.1.4.2596 build 20231128, update to version h5.1.4.2596 build 20231128 or later. For QuTScloud versions prior to c5.1.5.2651, update to version c5.1.5.2651 or later.

**Name of the Vulnerable Software and Affected Versions** QTS versions prior to 5.1.3.2578 build 20231110 QuTS hero versions prior to h5.1.3.2578 build 20231110 QuTScloud versions prior to c5.1.5.2651 **Description** The issue is related to improper authentication procedures in QNAP operating systems, which could allow a remote attacker to compromise the target system. **Recommendations** For QTS versions prior to 5.1.3.2578 build 20231110, update to version 5.1.3.2578 build 20231110 or later. For QuTS hero versions prior to h5.1.3.2578 build 20231110, update to version h5.1.3.2578 build 20231110 or later. For QuTScloud versions prior to c5.1.5.2651, update to version c5.1.5.2651 or later.

**Name of the Vulnerable Software and Affected Versions** QTS versions prior to 5.1.4.2596 build 20231128 QTS versions prior to 4.5.4.2627 build 20231225 QuTS hero versions prior to h5.1.4.2596 build 20231128 QuTS hero versions prior to h4.5.4.2626 build 20231225 QuTScloud versions prior to c5.1.5.2651 **Description** An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute commands via a network. **Recommendations** For QTS versions prior to 5.1.4.2596 build 20231128, update to QTS 5.1.4.2596 build 20231128 or later. For QTS versions prior to 4.5.4.2627 build 20231225, update to QTS 4.5.4.2627 build 20231225 or later. For QuTS hero versions prior to h5.1.4.2596 build 20231128, update to QuTS hero h5.1.4.2596 build 20231128 or later. For QuTS hero versions prior to h4.5.4.2626 build 20231225, update to QuTS hero h4.5.4.2626 build 20231225 or later. For QuTScloud versions prior to c5.1.5.2651, update to QuTScloud c5.1.5.2651 or later.

**Name of the Vulnerable Software and Affected Versions** QNAP QTS versions prior to 5.1.3.2578 build 20231110 QNAP QuTS hero versions prior to h5.1.3.2578 build 20231110 QNAP QuTScloud versions prior to c5.1.5.2651 **Description** An OS command injection issue affects QNAP operating system versions, potentially allowing authenticated administrators to execute commands via a network. This could be exploited by a remote attacker to execute arbitrary commands. **Recommendations** For QNAP QTS versions prior to 5.1.3.2578 build 20231110, update to QTS 5.1.3.2578 build 20231110 or later. For QNAP QuTS hero versions prior to h5.1.3.2578 build 20231110, update to QuTS hero h5.1.3.2578 build 20231110 or later. For QNAP QuTScloud versions prior to c5.1.5.2651, update to QuTScloud c5.1.5.2651 or later.

**Name of the Vulnerable Software and Affected Versions** XWiki versions 13.10.8 through 13.10.10 XWiki versions 14.4.3 through 14.4.6 XWiki versions 14.6 through 14.9 **Description** The issue allows code injection using the URL of authenticated endpoints, such as the `/xwiki/authenticate/wiki/xwiki` endpoint. This can be exploited by manipulating the URL to inject malicious code. The problem is present in several recent versions of XWiki. **Recommendations** For XWiki versions 13.10.8 through 13.10.10, update to version 13.10.11. For XWiki versions 14.4.3 through 14.4.6, update to version 14.4.7. For XWiki versions 14.6 through 14.9, update to version 14.10.

**Name of the Vulnerable Software and Affected Versions** ImpressCMS versions prior to 1.4.2 **Description** The issue is related to insufficient restrictions on the directory path name in the processimage.php component of the ImpressCMS system. This can be exploited by a remote attacker to execute arbitrary code. The vulnerability involves directory traversal in the origName or imageName parameters, leading to unsafe interaction with the CKEditor processImage.php script. The payload may be placed in `PHP SESSION UPLOAD PROGRESS` when the PHP installation supports upload progress. **Recommendations** For versions prior to 1.4.2, update to version 1.4.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the processImage.php script and disabling the use of the `origName` and `imageName` parameters in the CKEditor script until a patch is available. Avoid using the `PHP SESSION UPLOAD PROGRESS` variable in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Moodle versions 3.5 to 3.5.17 Moodle versions 3.8 to 3.8.8 Moodle versions 3.9 to 3.9.6 Moodle versions 3.10 to 3.10.3 **Description** An SQL injection risk exists on sites with MNet enabled and configured, via an XML-RPC call from the connected peer host. This requires site administrator access or access to the keypair. The issue is due to insufficient cleaning of user-provided data in the XML-RPC call, allowing a remote attacker to execute arbitrary SQL queries. **Recommendations** For Moodle versions 3.5 to 3.5.17, update to a version later than 3.5.17 to resolve the issue. For Moodle versions 3.8 to 3.8.8, update to a version later than 3.8.8 to resolve the issue. For Moodle versions 3.9 to 3.9.6, update to a version later than 3.9.6 to resolve the issue. For Moodle versions 3.10 to 3.10.3, update to a version later than 3.10.3 to resolve the issue. As a temporary workaround, consider restricting access to the XML-RPC call to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: moodle versions prior to 3.10.2 moodle versions prior to 3.9.5 moodle versions prior to 3.8.8 moodle versions prior to 3.5.17 Description: The issue arises from insufficient sanitizing of text-based feedback answers, leading to stored XSS and blind SSRF risks. Recommendations: For versions prior to 3.10.2, update to version 3.10.2 or later. For versions prior to 3.9.5, update to version 3.9.5 or later. For versions prior to 3.8.8, update to version 3.8.8 or later. For versions prior to 3.5.17, update to version 3.5.17 or later.

**Name of the Vulnerable Software and Affected Versions** Moodle (affected versions not specified) **Description** A stored XSS and blind SSRF issue exists due to insufficient sanitization of user-supplied data in the SCORM track details. A remote attacker can trick the victim into following a specially crafted link and execute arbitrary HTML and script code in the user's browser in the context of the vulnerable website to steal potentially sensitive information, change the appearance of the web page, perform phishing, and drive-by-download attacks. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Moodle (affected versions not specified) **Description** A blind Server-Side Request Forgery (SSRF) vulnerability was found due to insufficient validation of user-supplied input in the LTI provider library. The library does not utilize Moodle's inbuilt cURL helper, resulting in a blind SSRF risk. An attacker can send a specially crafted HTTP request and trick the application to initiate requests to arbitrary systems. This allows a remote attacker to perform SSRF attacks. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Moodle (affected versions not specified) **Description** The issue is related to insufficient redirect handling in Moodle, allowing an attacker to bypass cURL blocked hosts/allowed ports restrictions. This results in a blind Server-Side Request Forgery (SSRF) risk, where an attacker can exploit the vulnerability to perform SSRF attacks. The vulnerability is associated with inadequate input validation. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Live Helper Chat versions prior to 3.44v **Description** The issue allows reflected XSS via the `setsettingajax` PATH INFO. This can potentially lead to malicious script execution. **Recommendations** For versions prior to 3.44v, update to version 3.44v or later to resolve the issue. As a temporary workaround, consider restricting access to the `setsettingajax` PATH INFO to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Live Helper Chat versions prior to 3.44v **Description** The issue allows for stored XSS in chat messages with an operator via BBCode. This means that an attacker can inject malicious code into chat messages, which can then be executed by the operator's browser, potentially leading to unauthorized access or other malicious activities. **Recommendations** For versions prior to 3.44v, update to version 3.44v or later to resolve the issue. As a temporary workaround, consider disabling the use of BBCode in chat messages until a patch is available. Restrict access to chat messages with operators to minimize the risk of exploitation.