St1Tch

**Name of the Vulnerable Software and Affected Versions** yuan1994 tpadmin versions up to 1.3.12 **Description** A security issue exists in yuan1994 tpadmin up to version 1.3.12. The issue is related to deserialization within the WebUploader component, specifically in the file `/public/static/admin/lib/webuploader/0.1.5/server/preview.php`. This can be exploited remotely. The exploit for this issue has been publicly disclosed. This vulnerability affects products that are no longer supported by the maintainer. **Recommendations** Versions prior to 1.3.12 should not be used.

**Name of the Vulnerable Software and Affected Versions** jackying H-ui.admin versions up to 3.1 **Description** A flaw exists in jackying H-ui.admin that allows for unrestricted file uploads. This issue affects an unknown function within the `/lib/webuploader/0.1.5/server/preview.php` library. The attack can be carried out remotely. The exploit is publicly available. The vendor was contacted but did not respond. **Recommendations** Versions prior to 3.1 should be updated. As a temporary workaround, consider restricting access to the `/lib/webuploader/0.1.5/server/preview.php` file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** taosir WTCMS versions prior to 01a5f68a3dfc2fdddb44eed967bb2d4f60487665 **Description** A flaw exists in taosir WTCMS related to the `delete` function within the `SlideController.class.php` file of the `SlideController` component. Manipulation of the `ids` argument can lead to a SQL injection. Remote exploitation is possible, and a public exploit is available. The vendor was contacted regarding this issue but did not respond. **Recommendations** Versions prior to 01a5f68a3dfc2fdddb44eed967bb2d4f60487665 should be updated. As a temporary workaround, consider restricting access to the `SlideController` component or disabling the `delete` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** taosir WTCMS versions up to 01a5f68a3dfc2fdddb44eed967bb2d4f60487665 **Description** A security flaw exists in taosir WTCMS. The issue affects the `check/uncheck/delete` function within the `application/Comment/Controller/CommentadminController.class.php` file of the `CommentadminController` component. Manipulation of the `ids` argument can lead to SQL injection. The attack can be executed remotely. The exploit has been released publicly. The product uses a rolling release model, making specific version information unavailable. The vendor was contacted regarding this disclosure but did not respond. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** taosir WTCMS (affected versions not specified) **Description** A code injection issue exists in the `fetch` function of the `/index.php` file. Manipulation of the `content` argument can lead to code injection, and the attack can be initiated remotely. The exploit is publicly available. The product utilizes a rolling release model, and no specific version details for affected or updated releases are available. The vendor was contacted regarding this disclosure but did not respond. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.