Searchblox · Searchblox · CVE-2013-3590
**Name of the Vulnerable Software and Affected Versions**
SearchBlox versions prior to 7.5 build 1
**Description**
The issue allows remote attackers to execute arbitrary code by uploading an executable file with the `Content-Type` set to `image/jpeg` to the `admin/uploadImage.html` endpoint, and then accessing this file via unspecified vectors. This can be demonstrated by accessing a JSP file.
**Recommendations**
For versions prior to 7.5 build 1, update to version 7.5 build 1 or later to resolve the issue. As a temporary workaround, consider restricting access to the `admin/uploadImage.html` endpoint to minimize the risk of exploitation. Avoid uploading files with executable content to prevent potential code execution.
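
The description above turns on a declared `image/jpeg` type that the uploaded file's contents do not match. As an added illustration (not SearchBlox code and not part of the original advisory), the sketch below derives the type from the file's own bytes and lets the server choose the stored name; the function names, size limit and sample inputs are assumptions.

```python
import secrets

# Leading magic bytes -> (MIME type, extension the server stores the file under).
SIGNATURES = [
    (b"\xff\xd8\xff", "image/jpeg", ".jpg"),
    (b"\x89PNG\r\n\x1a\n", "image/png", ".png"),
    (b"GIF87a", "image/gif", ".gif"),
    (b"GIF89a", "image/gif", ".gif"),
]
MAX_BYTES = 2 * 1024 * 1024  # assumed size limit for this sketch


class UploadRejected(Exception):
    """Raised when an upload fails validation."""


def sniff_type(data):
    """Return (mime, ext) based on the file's own bytes, or None if unrecognised."""
    for magic, mime, ext in SIGNATURES:
        if data.startswith(magic):
            return mime, ext
    return None


def accept_image(client_name, declared_type, data):
    """Validate an upload and return the server-chosen storage name.

    client_name and declared_type are request fields the client controls.
    """
    if len(data) > MAX_BYTES:
        raise UploadRejected("too large")
    sniffed = sniff_type(data)
    if sniffed is None:
        raise UploadRejected("content is not a recognised image")
    mime, ext = sniffed
    if declared_type.split(";")[0].strip().lower() != mime:
        raise UploadRejected("declared Content-Type does not match content")
    # client_name is deliberately ignored: magic bytes alone do not stop an
    # image prefix followed by script text, so the stored extension must come
    # from the sniffed type and never from the request.
    return secrets.token_hex(16) + ext


# Constructed sample inputs (not taken from any real request).
JSP_BODY = b"<%-- constructed placeholder, not an image --%>"
REAL_JPEG = b"\xff\xd8\xff\xe0\x00\x10JFIF\x00" + b"\x00" * 32
POLYGLOT = REAL_JPEG + JSP_BODY
```

Files accepted this way should be written under the returned name to a directory that the servlet container does not map to its JSP engine.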