Sowishop

**Name of the Vulnerable Software and Affected Versions** ThinkCMF version X2.2.2 **Description** The issue concerns a SQL Injection problem. It is exploitable through the `ids[]` parameter in a "commentadmin" action, specifically via the `check()` and `delete()` functions in `CommentadminController.class.php`, and requires the manager privilege. **Recommendations** For ThinkCMF version X2.2.2, as a temporary workaround, consider disabling the `check()` and `delete()` functions in `CommentadminController.class.php` until a patch is available. Restrict access to the "commentadmin" action to minimize the risk of exploitation. Avoid using the `ids[]` parameter in the affected action until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** ThinkCMF version X2.2.2 **Description** The issue is related to SQL Injection via the `edit post()` function in `NavController.class.php`. It can be exploited with manager privilege using the `parentid` parameter in a "nav" action. **Recommendations** For ThinkCMF version X2.2.2, consider disabling the `edit post()` function in `NavController.class.php` until a patch is available to prevent exploitation via the `parentid` parameter. Restrict access to the "nav" action to minimize the risk of SQL Injection.

**Name of the Vulnerable Software and Affected Versions** ThinkCMF version X2.2.2 **Description** The issue concerns a SQL Injection problem via the `delete()` function in `SlideController.class.php`. It can be exploited by an attacker with manager privileges through the `ids[]` parameter in a slide action. **Recommendations** For ThinkCMF version X2.2.2, consider disabling the `delete()` function in `SlideController.class.php` until a patch is available to prevent exploitation via the `ids[]` parameter. Restrict access to the slide action for users with manager privileges to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** ThinkCMF version X2.2.2 **Description** The issue concerns a SQL Injection vulnerability via the ` listorders()` function in `AdminbaseController.class.php`. This can be exploited with manager privilege through the `listorders[key][1]` parameter in a "Link listorders" action. **Recommendations** For ThinkCMF version X2.2.2, as a temporary workaround, consider disabling the ` listorders()` function until a patch is available. Restrict access to the `listorders` action to minimize the risk of exploitation. Avoid using the `listorders[key][1]` parameter in the affected Link listorders action until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** ThinkCMF version X2.2.2 **Description** The issue concerns a SQL Injection problem via the `edit post` method in `ArticleController.class.php`. It can be exploited by normal authenticated users through the `post[id][1]` parameter in an article `edit post` action. **Recommendations** For ThinkCMF version X2.2.2, as a temporary workaround, consider disabling the `edit post` method in `ArticleController.class.php` until a patch is available. Avoid using the `post[id][1]` parameter in the affected article `edit post` action until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** YMFE YApi version 1.3.23 **Description** An issue was discovered in YMFE YApi, where there is stored XSS in the `name` field of a project. **Recommendations** For YMFE YApi version 1.3.23, update to a newer version that contains a fix for this issue, as using the current version may pose a security risk. At the moment, there is no information about a newer version that contains a fix for this vulnerability.