Saitamang

**Name of the Vulnerable Software and Affected Versions** PayMoney version 3.3 **Description** The issue is related to Stored Cross-Site Scripting (XSS) that occurs during the process of replying to a ticket. This can be achieved by injecting a specially crafted payload into the "Message" field using the `description` parameter, resulting in Stored XSS. The XSS payload can be triggered after the injection or accessed through the view ticket function. **Recommendations** For PayMoney version 3.3, consider disabling the reply ticket function temporarily to prevent exploitation until a patch is available. Restrict access to the "Message" field and the `description` parameter in the reply ticket function to minimize the risk of Stored XSS injection. Avoid using the `description` parameter in the affected function until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Garage Management System version 1.0 **Description** The issue is related to Stored Cross Site Scripting (XSS) that occurs on several parameters during the creation or editing of parts. This can be triggered using an XSS payload, allowing for further attack vectors. **Recommendations** For Garage Management System version 1.0, consider restricting access to the parameters involved in creating or editing parts until a fix is available. As a temporary workaround, avoid using the vulnerable parameters during these operations to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Hospital Information System version 1.0 **Description** The issue is a remote SQL injection vulnerability that allows for authentication bypass. **Recommendations** For Hospital Information System version 1.0, consider disabling remote access to the SQL database as a temporary workaround until a patch is available. Restrict access to sensitive data and authentication mechanisms to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** PayMoney version 3.3 **Description** The issue is related to Client Side Remote Code Execution (RCE) and exists in the reply ticket function, where uploading a malicious file can lead to execution of remote code. When a victim downloads and opens the malicious RTF file, a calculator will open, demonstrating the vulnerability. **Recommendations** For PayMoney version 3.3, as a temporary workaround, consider disabling the reply ticket function until a patch is available. Restrict access to uploading files to minimize the risk of exploitation. Avoid using the vulnerable function to open RTF files until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Loan Management System version 1.0 **Description** The issue allows unauthorized users to login as Administrator after injecting the `username` form at the login page, specifically through SQL Injection. **Recommendations** For Loan Management System version 1.0, as a temporary workaround, consider restricting access to the login page or disabling the SQL query execution on the `username` form until a patch is available. Avoid using the `username` form in the affected login page until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Loan Management System version 1.0 **Description** The Loan Management System has a persistent cross-site scripting issue. This means that an attacker can inject malicious scripts into the system, which will be executed by other users' browsers, potentially leading to unauthorized actions or data theft. **Recommendations** For Loan Management System version 1.0, consider disabling any functionality that allows user input to be directly reflected in the application's pages as a temporary workaround until a patch is available. Restrict access to sensitive areas of the system to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Centreon version 22.04.0 **Description** The issue is related to a Cross Site Scripting (XSS) attack. It can be exploited from the function Pollers > Broker Configuration by adding a crafted payload into the `name` parameter. This allows for the execution of malicious scripts. The estimated number of potentially affected devices worldwide is not specified. Details about real-world incidents where this issue was exploited are not provided. Technical details about exploitation include the use of a crafted payload in the `name` parameter. The API endpoint `/centreon/main.get.php?p=60909` is involved, specifically the section where the "Add" button is clicked and the payload is entered in the "Name" section. **Recommendations** For Centreon version 22.04.0, as a temporary workaround, consider disabling the Pollers > Broker Configuration function until a patch is available. Restrict access to the `/centreon/main.get.php?p=60909` endpoint to minimize the risk of exploitation. Avoid using the `name` parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.