Surajhacx

**Name of the Vulnerable Software and Affected Versions** Helakuru Desktop Application version 1.1 **Description** The issue allows a local attacker to execute arbitrary code due to the lack of proper validation of the `wow64log.dll` file. This enables the attacker to potentially gain control over the system. **Recommendations** For Helakuru Desktop Application version 1.1, consider updating to a newer version that includes proper validation of the `wow64log.dll` file to prevent arbitrary code execution. As a temporary workaround, restrict access to the `wow64log.dll` file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** CMSimple XH version 1.7.6 **Description** The issue allows for cross-site scripting (XSS) by uploading a crafted SVG document. **Recommendations** For CMSimple XH version 1.7.6, as a temporary workaround, consider restricting the upload of SVG documents until a patch is available.