Sahil Dhar

**Name of the Vulnerable Software and Affected Versions** Zoho ManageEngine Mobile Device Manager Plus versions prior to 10.1.2207.5 **Description** The issue allows privilege escalation through the User Administration module. **Recommendations** For versions prior to 10.1.2207.5, update to version 10.1.2207.5 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Zoho ManageEngine SharePoint Manager Plus versions prior to 4329 **Description** The issue is related to authorization being mishandled, which allows for account takeover. **Recommendations** For versions prior to 4329, update to version 4329 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Zoho ManageEngine SharePoint Manager Plus versions prior to 4329 **Description** The issue is related to a sensitive data leak that can lead to privilege escalation. **Recommendations** For versions prior to 4329, update to version 4329 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Django CMS version 3.7.3 **Description** The issue arises from the lack of validation of the `plugin type` parameter when generating error messages for an invalid plugin type, leading to a Cross Site Scripting (XSS) issue. This allows an attacker to execute arbitrary JavaScript code in the web browser of the affected user. **Recommendations** For Django CMS version 3.7.3, as a temporary workaround, consider restricting the use of the `plugin type` parameter until a patch is available. Avoid using the `plugin type` parameter in error messages for invalid plugin types to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Zoho ManageEngine O365 Manager Plus versions prior to Build 4416 **Description** The issue allows remote code execution via BCP file overwrite through the ChangeDBAPI component. **Recommendations** For versions prior to Build 4416, update to Build 4416 or later to resolve the issue. As a temporary workaround, consider restricting access to the ChangeDBAPI component to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Zoho ManageEngine M365 Manager Plus versions prior to Build 4419 **Description** The issue allows remote command execution when updating proxy settings through the Admin ProxySettings and Tenant ProxySettings components. **Recommendations** For versions prior to Build 4419, update to Build 4419 or later to resolve the issue. As a temporary workaround, consider restricting access to the Admin ProxySettings and Tenant ProxySettings components until a patch is applied. Avoid using these components for updating proxy settings until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Zoho ManageEngine DataSecurity Plus versions prior to 6.0.1 **Description** The issue arises from the lack of validation of the database schema name when handling a DR-SCHEMA-SYNC request in the DataEngine Xnode Server application. This allows an authenticated attacker to execute code in the context of the product by writing a JSP file to the webroot directory via directory traversal. **Recommendations** For versions prior to 6.0.1, update to version 6.0.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the DR-SCHEMA-SYNC request handler to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Zoho ManageEngine DataSecurity Plus versions prior to 6.0.1 **Description** The issue allows an attacker to bypass authentication for the DataEngine Xnode server and execute all operations in the context of the admin user, due to the use of default admin credentials for communication with the server. **Recommendations** For versions prior to 6.0.1, update to version 6.0.1 or later to resolve the issue. As a temporary workaround, consider changing the default admin credentials used by Zoho ManageEngine DataSecurity Plus to communicate with the DataEngine Xnode server. Restrict access to the DataEngine Xnode server to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** GNOME gdk-pixbuf version 2.42.6 **Description** The issue is related to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equals to 12. This vulnerability can allow a remote attacker to access confidential data, compromise data integrity, and cause a denial of service using a specially crafted GIF file. **Recommendations** For GNOME gdk-pixbuf version 2.42.6, consider updating to a newer version that contains a fix for this issue. As a temporary workaround, avoid using the `gdk-pixbuf` library to decode GIF files with lzw minimum code size equals to 12 until a patch is available. Restrict access to GIF files to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Wifi-soft UniBox controller versions 0.x through 2.x **Description** An issue was discovered that allows for arbitrary file upload through the `network/mesh/edit-nds.php` endpoint, enabling an attacker to upload `.php` files and execute code on the server with root user privileges. The authentication for accessing this component can be bypassed by using hard-coded credentials. **Recommendations** For Wifi-soft UniBox controller versions 0.x through 2.x, as a temporary workaround, consider disabling access to the `network/mesh/edit-nds.php` endpoint until a patch is available. Restrict the use of hard-coded credentials to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Wifi-soft UniBox controller versions 0.x through 2.x **Description** An issue in the Diagnostic Tools component of the Wifi-soft UniBox controller allows for Remote Command Execution. This is due to the `tools/ping` Ping feature being vulnerable, enabling an attacker to execute arbitrary system commands on the server with root user privileges. The authentication for accessing this component can be bypassed by utilizing hard-coded credentials. **Recommendations** For Wifi-soft UniBox controller versions 0.x through 2.x, consider disabling the `tools/ping` Ping feature in the Diagnostic Tools component until a patch is available to prevent Remote Command Execution. Restrict access to the Diagnostic Tools component to minimize the risk of exploitation. Avoid using hard-coded credentials for authentication.

Name of the Vulnerable Software and Affected Versions: Wicket jQuery UI versions 6.28.0 and earlier Wicket jQuery UI versions 7.9.1 and earlier Wicket jQuery UI versions 8.0.0-M8 and earlier Description: A security issue has been discovered in the WYSIWYG editor of Wicket jQuery UI, allowing an attacker to submit arbitrary JS code to the WYSIWYG editor. Recommendations: For versions 6.28.0 and earlier, update to a version later than 6.28.0 to resolve the issue. For versions 7.9.1 and earlier, update to a version later than 7.9.1 to resolve the issue. For versions 8.0.0-M8 and earlier, update to a version later than 8.0.0-M8 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apache OpenMeetings versions 3.0.0 through 4.0.1 **Description** The issue allows an authenticated attacker to deny service for privileged users due to the lack of password protection for CRUD operations on these users. **Recommendations** For versions 3.0.0 through 4.0.1, update to version 4.0.2 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Piwigo version 2.9.2 **Description** The issue concerns SQL Injection via the `sSortDir 0` parameter in the List Users API, specifically affecting the `/admin/user list backend.php` endpoint. This allows an attacker to potentially gain access to the data in a connected MySQL database. **Recommendations** For Piwigo version 2.9.2, consider restricting access to the `/admin/user list backend.php` endpoint until a patch is available. As a temporary workaround, avoid using the `sSortDir 0` parameter in the affected API endpoint to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Piwigo version 2.9.2 **Description** The issue concerns SQL Injection in the Batch Manager component of Piwigo. Specifically, the `element ids` parameter in the "admin/batch manager unit.php" endpoint is vulnerable when in unit mode. This allows an attacker to potentially gain access to the data in a connected MySQL database. **Recommendations** For Piwigo version 2.9.2, consider restricting access to the "admin/batch manager unit.php" endpoint until a patch is available. As a temporary workaround, avoid using the `element ids` parameter in unit mode to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Piwigo version 2.9.2 **Description** The Configuration component of Piwigo is vulnerable to SQL Injection via the `order by` array parameter in the admin/configuration.php file. An attacker can exploit this to gain access to the data in a connected MySQL database. **Recommendations** For Piwigo version 2.9.2, avoid using the `order by` array parameter in the admin/configuration.php file until a patch is available. As a temporary workaround, consider restricting access to the admin/configuration.php file to minimize the risk of exploitation.