Tr0E

Name of the Vulnerable Software and Affected Versions: ageerle ruoyi-ai version 2.0.0 Description: A critical issue was found in the function `speechToTextTranscriptionsV2/upload` of the file `ruoyi-modules/ruoyi-system/src/main/java/org/ruoyi/system/service/impl/SseServiceImpl.java`. The manipulation of the argument `File` leads to unrestricted upload. The attack may be launched remotely. Recommendations: For version 2.0.0, upgrade to version 2.0.1 to address this issue. As a temporary workaround, consider restricting access to the `speechToTextTranscriptionsV2/upload` function until the upgrade is applied.

Name of the Vulnerable Software and Affected Versions: mymagicpower AIAS 20250308 Description: A critical issue was found in the code of the file training platform/train-platform/src/main/java/top/aias/training/controller/LocalStorageController.java, affecting the `File` argument. This allows for unrestricted upload. The attack can be initiated remotely. An exploit has been publicly disclosed and may be used. The vendor was contacted about this issue but did not respond. Recommendations: For mymagicpower AIAS 20250308, as a temporary workaround, consider restricting access to the `LocalStorageController.java` file until a patch is available. Avoid using the `File` argument in the affected controller to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: mymagicpower AIAS 20250308 Description: A critical issue was found in mymagicpower AIAS, affecting an unknown function of the file 2 training platform/train-platform/src/main/java/top/aias/training/controller/InferController.java. The manipulation of the `url` argument leads to server-side request forgery, allowing for remote attacks. The exploit has been publicly disclosed and may be used. The vendor was contacted about this disclosure but did not respond. Recommendations: As a temporary workaround, consider restricting access to the vulnerable `InferController.java` function until a patch is available. Avoid using the `url` argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ageerle ruoyi-ai versions 2.0.1 and earlier **Description** A critical issue affects an unknown functionality of the file ruoyi-modules/ruoyi-system/src/main/java/org/ruoyi/system/controller/system/SysModelController.java in the component's API Interface. This leads to improper authorization and can be exploited remotely. **Recommendations** For versions 2.0.1 and earlier, update to version 2.0.2 to address the issue. As a temporary workaround, consider restricting access to the `SysModelController.java` file until the update is applied.

**Name of the Vulnerable Software and Affected Versions** ageerle ruoyi-ai versions up to 2.0.0 **Description** A critical vulnerability has been found, affecting an unknown function of the file ruoyi-modules/ruoyi-system/src/main/java/org/ruoyi/system/controller/system/SysNoticeController.java. This leads to improper authorization and can be exploited remotely. The exploit has been disclosed publicly. **Recommendations** For versions up to 2.0.0, upgrade to version 2.0.1 to address this issue.

**Name of the Vulnerable Software and Affected Versions** Vehicle Booking System version 1.0 **Description** The issue allows attackers to execute arbitrary code via a crafted PHP file due to an arbitrary file upload vulnerability in the admin-add-vehicle.php file. **Recommendations** For Vehicle Booking System version 1.0, consider removing or restricting access to the admin-add-vehicle.php file until a patch is available. As a temporary workaround, restrict the types of files that can be uploaded through this interface to prevent the execution of malicious code.

**Name of the Vulnerable Software and Affected Versions** Vehicle Booking System version 1.0 **Description** A cross-site scripting (XSS) issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the `v name` parameter in the admin-add-vehicle.php file. **Recommendations** For Vehicle Booking System version 1.0, consider validating and sanitizing user input for the `v name` parameter to prevent XSS attacks. As a temporary workaround, restrict access to the admin-add-vehicle.php file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Web-Based Student Clearance System version 1.0 **Description** A cross-site scripting (XSS) issue exists in the /admin/edit-admin.php endpoint, allowing attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the `txtemail` parameter. **Recommendations** For Web-Based Student Clearance System version 1.0, consider disabling access to the /admin/edit-admin.php endpoint until a patch is available, and restrict the use of the `txtemail` parameter to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Restaurant POS System version 1.0 **Description** The issue is related to a SQL injection vulnerability. It affects the update customer.php file. **Recommendations** For Restaurant POS System version 1.0, consider restricting access to the update customer.php file until a patch is available. As a temporary workaround, avoid using user-input data in SQL queries to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Restaurant POS System version 1.0 **Description** The issue is related to an arbitrary file upload vulnerability in the add product.php file, which allows attackers to execute arbitrary code via a crafted PHP file. This can be achieved by uploading a malicious PHP file to the system. **Recommendations** For Restaurant POS System version 1.0, consider removing or restricting access to the add product.php file until a patch is available. As a temporary workaround, restrict the types of files that can be uploaded to prevent PHP files from being executed.

**Name of the Vulnerable Software and Affected Versions** Web-Based Student Clearance System version 1.0 **Description** A cross-site scripting (XSS) issue exists in the /admin/add-fee.php endpoint, allowing attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the `cmddept` parameter. **Recommendations** For Web-Based Student Clearance System version 1.0, consider disabling access to the /admin/add-fee.php endpoint or restricting the use of the `cmddept` parameter until a patch is available. Avoid using the `cmddept` parameter in the affected endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Train Scheduler App version 1.0 **Description** A cross-site scripting (XSS) issue exists in the /admin/add-fee.php endpoint, allowing attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the `cmddept` parameter. **Recommendations** For Train Scheduler App version 1.0, consider disabling access to the /admin/add-fee.php endpoint until a patch is available, or restrict the use of the `cmddept` parameter to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Fast Food Ordering System version 1.0 **Description** The issue is related to a SQL injection vulnerability. It affects the /fastfood/purchase.php component. **Recommendations** For Fast Food Ordering System version 1.0, consider restricting access to the /fastfood/purchase.php component until a patch is available. As a temporary workaround, avoid using user-inputted data in SQL queries to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Fast Food Ordering System version 1.0 **Description** A cross-site scripting (XSS) issue exists in the /fastfood/purchase.php endpoint of the Fast Food Ordering System, allowing attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the `customer` parameter. **Recommendations** For Fast Food Ordering System version 1.0, consider disabling the /fastfood/purchase.php endpoint until a patch is available, or restrict access to this endpoint to minimize the risk of exploitation. Avoid using the `customer` parameter in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.