Trexnegro

**Name of the Vulnerable Software and Affected Versions** Webkul Krayin CRM versions 2.2.x **Description** An authenticated arbitrary file upload issue exists in the '/admin/tinymce/upload' endpoint. This allows authenticated attackers to upload a crafted PHP file, which can lead to remote code execution and full system compromise. Approximately 2,700 services are estimated to be affected worldwide. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability. Restrict access to the '/admin/tinymce/upload' endpoint to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Webkul Krayin CRM versions 2.2.x **Description** A Server-Side Request Forgery (SSRF) exists in the '/settings/webhooks/create' component. This allows attackers to scan internal resources by sending a specially crafted POST request. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Krayin CRM versions 2.2.x **Description** SQL injection is possible via the `rotten lead` parameter at the '/Lead/LeadDataGrid.php' endpoint. SQL injection is a type of flaw that allows an attacker to interfere with the queries that an application makes to its database. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Webkul Krayin CRM versions 2.2.x **Description** A Broken Object-Level Authorization (BOLA) exists in the '/Settings/UserController.php' endpoint. This allows authenticated attackers to arbitrarily reset user passwords and perform a full account takeover by supplying a crafted HTTP request. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Webkul Krayin CRM versions 2.2.x **Description** A Broken Object-Level Authorization (BOLA) exists in the '/Controllers/Lead/LeadController.php' endpoint. This allows authenticated attackers to arbitrarily read, modify, and permanently delete any lead owned by other users by supplying a crafted GET request. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Webkul Krayin CRM versions 2.2.x **Description** A Broken Object-Level Authorization (BOLA) issue exists in the '/Contact/Persons/PersonController.php' endpoint. This allows authenticated attackers to arbitrarily read, modify, and permanently delete any contact owned by other users by supplying a crafted GET request. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Snipe-IT version 8.4.0 **Description** Improper authorization in the '/api/v1/users/{id}' endpoint allows authenticated attackers with the `users.edit` permission to modify sensitive authentication and account-state fields of other non-admin users by sending a crafted PUT request. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.