Sven Krewitt

**Name of the Vulnerable Software and Affected Versions** Rockwell Automation ThinManager ThinServer (affected versions not specified) **Description** A path traversal issue exists in the HTTPS Server Settings API feature of Rockwell Automation ThinManager ThinServer. This feature is disabled by default but can be enabled. When enabled, it allows a remote actor to leverage the server's file system privileges and read arbitrary files. The issue can be exploited by manipulating variables in the path. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Data Center Network Manager (DCNM) (affected versions not specified) **Description** The issue is related to errors in privilege management in the REST API interface of the Cisco Data Center Network Manager (DCNM) system. It could allow a remote attacker to elevate their privileges on the application due to insufficient access control validation. An attacker could exploit this by authenticating with a low-privilege account and sending a crafted request to the API, potentially allowing them to interact with the API with administrative privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** TYPO3 Formhandler extension versions prior to 1.4.1 **Description** The issue allows remote authenticated users with certain permissions to execute arbitrary SQL commands. **Recommendations** For versions prior to 1.4.1, update to version 1.4.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apache Wicket versions 1.4.x through 1.4.17 **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via unspecified parameters when setAutomaticMultiWindowSupport is enabled. **Recommendations** For Apache Wicket versions 1.4.x through 1.4.17, update to version 1.4.18 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** BSQ Sitestats versions 1.8.0 through 2.2.0 **Description** The issue allows remote attackers to execute arbitrary PHP code via the `baseDir` parameter in the external/rssfeeds.php file. This can be exploited by sending a crafted request to the vulnerable endpoint. **Recommendations** For versions 1.8.0 through 2.2.0, consider restricting access to the external/rssfeeds.php file until a patch is available. As a temporary workaround, avoid using the `baseDir` parameter in the affected file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** BSQ Sitestats versions 1.8.0 through 2.2.1 **Description** A cross-site scripting issue exists in the IP Address Lookup functionality, allowing remote attackers to inject arbitrary web script and HTML via the `ip` parameter. **Recommendations** For versions 1.8.0 through 2.2.1, update to version 2.2.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** BSQ Sitestats versions 1.8.0 through 2.2.1 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via unspecified parameters when importing the `ip-to-country.csv` file, and through the HTTP Referer, HTTP User Agent, and HTTP Accept Language headers to `bsqtemplateinc.php`. **Recommendations** For BSQ Sitestats versions 1.8.0 through 2.2.1, update to version 2.2.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Jetbox CMS version 2.1 SR1 **Description** A session fixation issue allows remote attackers to hijack web sessions via a crafted link, specifically targeting the administrator section. **Recommendations** For Jetbox CMS version 2.1 SR1, update to a newer version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Jetbox CMS version 2.1 SR1 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via the `frontsession` COOKIE parameter and the `view` parameter in "index.php", as well as the `login` parameter in "admin/cms/index.php". **Recommendations** For Jetbox CMS version 2.1 SR1, consider restricting access to the `frontsession` COOKIE parameter, the `view` parameter in "index.php", and the `login` parameter in "admin/cms/index.php" to minimize the risk of exploitation. As a temporary workaround, avoid using these parameters until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Jetbox CMS version 2.1 SR1 **Description** The issue allows remote attackers to inject arbitrary web script or HTML, potentially leading to security breaches. This can be achieved through various means, including the `login` parameter in `admin/cms/index.php`, unspecified parameters in the "Supply news" page in `formmail.php`, the URL in the "Site statistics" page, and the `query string` parameter when performing a search. **Recommendations** For Jetbox CMS version 2.1 SR1, consider disabling the vulnerable parameters, such as the `login` parameter in `admin/cms/index.php` and the `query string` parameter in search functionality, until a patch is available. Restrict access to the "Supply news" page in `formmail.php` and the "Site statistics" page to minimize the risk of exploitation. Avoid using the `query string` parameter in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Jetbox CMS version 2.1 SR1 **Description** A dynamic variable evaluation issue in index.php allows remote attackers to overwrite configuration variables via URL parameters, which are evaluated as PHP variable variables. This could potentially lead to unauthorized changes in the system configuration. **Recommendations** For Jetbox CMS version 2.1 SR1, consider restricting access to the index.php file until a patch is available, and avoid using URL parameters that could be evaluated as PHP variable variables. As a temporary workaround, consider disabling the evaluation of URL parameters as PHP variables to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** X MultiMedia System (xmms) version 1.2.10 xmms (affected versions not specified) **Description** The issue allows remote attackers to execute arbitrary code via crafted header information in a skin bitmap image, which triggers memory corruption. Multiple vulnerabilities in the xmms package of the Debian GNU/Linux operating system can be exploited remotely, leading to a violation of confidentiality, integrity, and availability of protected information. **Recommendations** For version 1.2.10, consider updating to a newer version to mitigate the risk. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** X MultiMedia System (xmms) version 1.2.10 **Description** The issue allows remote attackers to execute arbitrary code via crafted header information in a skin bitmap image, resulting in a stack-based buffer overflow. Multiple vulnerabilities in the xmms package of the Debian GNU/Linux operating system can lead to violations of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely. **Recommendations** For version 1.2.10, consider updating to a newer version to mitigate the risk, although the specific fixed version is not provided. As a temporary workaround, consider restricting the use of skin bitmap images to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.