Snowhy77

**Name of the Vulnerable Software and Affected Versions** Emlog versions up to and including 2.5.19 **Description** Emlog is vulnerable to server-side Out-of-Band (OOB) requests and Server-Side Request Forgery (SSRF) through the handling of uploaded SVG files. An attacker can upload a specially crafted SVG file via the `/admin/media.php` endpoint. When the server processes the SVG file, it makes HTTP requests to a host controlled by the attacker, leading to potential internal network probing and exposure of metadata or credentials. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Emlog Pro versions 2.5.19 and earlier **Description** Emlog Pro versions 2.5.19 and earlier are susceptible to a Cross-Site Request Forgery (CSRF) issue on the password change endpoint. This allows an attacker to trick a logged-in administrator into submitting a crafted POST request, leading to unauthorized password changes. Successful exploitation can result in account takeover of privileged users. CSRF is an attack where an authenticated user is tricked into performing unwanted actions on a web application. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MetInfo CMS version 8.0 **Description** A stored Cross-Site Scripting (XSS) flaw exists because of inadequate validation and sanitization of SVG file uploads. The issue is located in the `appsystemincludemoduleuploadify.class.php` component within the website settings module. Attackers can upload malicious SVG files containing JavaScript code that will execute when the uploaded file is viewed or accessed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MetInfo CMS version 8.0 **Description** A stored Cross-Site Scripting (XSS) issue exists in the image management module of the software. The vulnerability is located in the `appsystemimgadminimg admin.class.php` component. Attackers can upload malicious SVG files containing JavaScript code. This code executes when the uploaded file is viewed or accessed by users. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Emlog versions 2.5.21 and below **Description** Emlog is a website building system. A flaw exists where a malicious payload can be saved through the mail template settings, leading to stored cross-site scripting (XSS). When an attacker saves malicious code, any subsequent visit to the settings page by an authenticated administrator will execute attacker-controlled JavaScript. This can result in session or token theft and complete admin account takeover. **Recommendations** Update to version 2.5.22 or later.

**Name of the Vulnerable Software and Affected Versions** KUNO CMS versions prior to 1.3.14 **Description** KUNO CMS, a full-stack blog application, has flaws in its file upload functionality. The upload process only validates file types based on Content-Type headers and does not analyze file content or enforce extension whitelists. This allows attackers to upload SVG files containing malicious scripts, disguised as images. When users access the pages displaying these uploaded resources, arbitrary JavaScript executes in their browsers. The affected API endpoint is the file upload functionality. The vulnerable parameter is the file itself. **Recommendations** Update KUNO CMS to version 1.3.14 or later.

**Name of the Vulnerable Software and Affected Versions** Emlog Pro version 2.5.19 **Description** A stored Cross-Site Scripting (XSS) issue has been identified. The vulnerability is located in the email template configuration component at the `/admin/setting.php?action=mail` API endpoint. This allows administrators to input HTML code that is not properly sanitized, resulting in persistent JavaScript execution. The `HTML code` input by administrators is not validated, enabling the injection of malicious scripts. **Recommendations** Update to a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** XunRuiCMS version 4.7.1 **Description** A stored Cross-Site Scripting (XSS) issue exists because of inadequate validation of SVG file uploads within the `dayrui/Fcms/Library/Upload.php` component. This allows attackers to inject malicious JavaScript code that will execute when the uploaded file is viewed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.