Sh7Err04

**Name of the Vulnerable Software and Affected Versions** orionsec orion-ops versions up to 5925824997a3109651bbde07460958a7be249ed1 **Description** A server-side request forgery condition exists in the SSH Connection Handler component of orionsec orion-ops. The issue is related to the manipulation of the `host`, `sshPort`, `username`, `password`, and `authType` arguments within the file orion-ops-api/orion-ops-web/src/main/java/cn/orionsec/ops/controller/MachineInfoController.java. This manipulation can be performed remotely. The exploit has been publicly disclosed. **Recommendations** Apply a patch to remediate this issue.

**Name of the Vulnerable Software and Affected Versions** jsnjfz WebStack-Guns version 1.0 **Description** A path traversal issue exists in jsnjfz WebStack-Guns. The `renderPicture` function within the `KaptchaController.java` file (located in `src/main/java/com/jsnjfz/manage/modular/system/controller/`) is susceptible to manipulation, allowing for path traversal. This issue can be exploited remotely. The exploit is publicly available. The vendor was notified but did not respond. **Recommendations** Apply a fix to the `renderPicture` function in the `KaptchaController.java` file to prevent path traversal.

**Name of the Vulnerable Software and Affected Versions** jsnjfz WebStack-Guns version 1.0 **Description** A flaw exists in jsnjfz WebStack-Guns that allows for SQL injection. Manipulation of the `sort` argument within the file src/main/java/com/jsnjfz/manage/core/common/constant/factory/PageFactory.java can trigger this issue. The attack can be launched remotely. The exploit is publicly available. The vendor was notified but did not respond. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** moxi159753 Mogu Blog versions up to 5.2 **Description** A flaw exists in the Storage Management Endpoint component of moxi159753 Mogu Blog. The issue involves unauthorized processing of the `/storage/` file, leading to a missing authorization check. This allows for remote exploitation, with a high complexity and difficult exploitability. The exploit is publicly available. The vendor was notified but did not respond. **Recommendations** Versions prior to 5.2 should be updated.

**Name of the Vulnerable Software and Affected Versions** moxi159753 Mogu Blog versions up to 5.2 **Description** A security issue exists in moxi159753 Mogu Blog v2. The `LocalFileServiceImpl.uploadPictureByUrl` function, located in the `/file/uploadPicsByUrl` file, is susceptible to server-side request forgery. This manipulation can be initiated remotely. The exploit for this issue is publicly available. The vendor was informed of this disclosure but did not provide a response. **Recommendations** Versions prior to 5.2 should be updated.

**Name of the Vulnerable Software and Affected Versions** Mogu Blog v2 versions up to 5.2 **Description** A weakness exists in Mogu Blog v2 up to version 5.2. This issue involves the manipulation of the `filedatas` argument within an unknown function of the `/file/pictures` endpoint, leading to unrestricted file upload. The attack can be initiated remotely. The exploit has been publicly released. The vendor was contacted regarding this issue but did not provide a response. **Recommendations** Versions prior to 5.2 should be updated. At the moment, there is no information about a newer version that contains a fix for this vulnerability.