Vastzero

**Name of the Vulnerable Software and Affected Versions** iteachyou Dreamer CMS version 4.1.3 **Description** A problematic issue has been found in iteachyou Dreamer CMS, affecting some unknown processing of the file /resource/js/ueditor-1.4.3.3. The manipulation leads to path traversal. The attack may be initiated remotely. The vendor was contacted early about this disclosure but did not respond in any way. **Recommendations** As a temporary workaround, consider restricting access to the /resource/js/ueditor-1.4.3.3 file until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** iteachyou Dreamer CMS version 4.1.3 **Description** A vulnerability was found in iteachyou Dreamer CMS, affecting unknown code of the file /admin/archives/edit. The manipulation of the `editorValue/answer/content` argument leads to cross-site scripting. The attack can be initiated remotely. **Recommendations** For iteachyou Dreamer CMS version 4.1.3, consider disabling access to the /admin/archives/edit file until a patch is available. Restrict the use of the `editorValue/answer/content` argument in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Mindskip xzs-mysql 学之思开源考试系统 version 3.9.0 **Description** A problematic issue has been found, affecting some unknown functionality and leading to cross-site request forgery. The attack can be launched remotely and multiple endpoints are affected. **Recommendations** For Mindskip xzs-mysql 学之思开源考试系统 version 3.9.0, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Mindskip xzs-mysql 学之思开源考试系统 version 3.9.0 **Description** A problematic issue was found in the CORS Handler component, leading to a permissive cross-domain policy with untrusted domains. The attack can be launched remotely, but the complexity is rather high and the exploitation appears to be difficult. The issue has been publicly disclosed and the vendor was contacted but did not respond. **Recommendations** For Mindskip xzs-mysql 学之思开源考试系统 version 3.9.0, consider restricting access to the CORS Handler component to minimize the risk of exploitation until a fix is available. As a temporary workaround, review and limit the cross-domain policy to trusted domains only.

**Name of the Vulnerable Software and Affected Versions** Mindskip xzs-mysql 学之思开源考试系统 version 3.9.0 **Description** A problematic issue has been found in the Exam Edit Handler component. The manipulation of the `title` and `content` arguments in the "/api/admin/question/edit" API endpoint leads to cross-site scripting. This issue can be exploited remotely. The vendor was contacted about this disclosure but did not respond. **Recommendations** For Mindskip xzs-mysql 学之思开源考试系统 version 3.9.0, consider disabling the Exam Edit Handler component or restricting access to the "/api/admin/question/edit" API endpoint until a fix is available. Avoid using the `title` and `content` arguments in this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** langhsu Mblog Blog System version 3.5.0 **Description** A problematic vulnerability has been found in the langhsu Mblog Blog System. The issue affects an unknown function of the file `/login`, leading to an observable response discrepancy. This can be exploited remotely, but the complexity of the attack is rather high, and the exploitability is difficult. The exploit has been disclosed to the public. **Recommendations** For version 3.5.0, as a temporary workaround, consider restricting access to the `/login` file until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** langhsu Mblog Blog System version 3.5.0 **Description** A problematic vulnerability was found in the Search Bar component of the langhsu Mblog Blog System, affecting an unknown functionality of the file /search. The manipulation of the `kw` argument leads to cross-site scripting. This issue can be exploited remotely. The exploit has been publicly disclosed, and the vendor was contacted but did not respond. **Recommendations** For version 3.5.0, as a temporary workaround, consider restricting access to the /search endpoint until a patch is available. Avoid using the `kw` argument in the affected Search Bar component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Antabot White-Jotter versions up to 0.2.2 **Description** A problematic vulnerability has been found in the component Article Content Editor, specifically in an unknown function of the file /admin/content/editor. This manipulation leads to cross site scripting and can be launched remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For Antabot White-Jotter versions up to 0.2.2, consider disabling access to the /admin/content/editor file until a patch is available. As a temporary workaround, restrict the use of the unknown function in the Article Content Editor component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Antabot White-Jotter versions up to 0.2.2 **Description** A problematic issue has been found in the Article Editor component, specifically in the /admin/content/editor file, affecting an unknown functionality. The manipulation of the `articleCover` argument leads to server-side request forgery. This issue can be exploited remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For versions up to 0.2.2, consider disabling the `articleCover` argument in the /admin/content/editor file as a temporary workaround until a patch is available. Restrict access to the Article Editor component to minimize the risk of exploitation. Avoid using the `articleCover` argument in the affected functionality until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Antabot White-Jotter versions up to 0.2.2 **Description** A problematic issue was found in the Edit Book Handler component, affecting an unknown function of the file /admin/content/book. This leads to server-side request forgery, which can be launched remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For Antabot White-Jotter versions up to 0.2.2, consider restricting access to the /admin/content/book file and the Edit Book Handler component to minimize the risk of exploitation. As a temporary workaround, avoid using the affected function in the Edit Book Handler until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Antabot White-Jotter versions up to 0.2.2 **Description** A problematic issue has been found in Antabot White-Jotter, affecting some unknown processing of the file "/login". The manipulation of the argument `username` leads to observable response discrepancy. The attack may be initiated remotely. The complexity of an attack is rather high, and the exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. **Recommendations** For Antabot White-Jotter versions up to 0.2.2, as a temporary workaround, consider restricting access to the "/login" file until a patch is available. Avoid using the `username` argument in the affected file until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ruifang-tech Rebuild version 3.8.6 **Description** A vulnerability has been found in the Project Tasks Section component, affecting an unknown part of the file /project/050-9000000000000001/tasks. The manipulation of the `description` argument leads to cross-site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. **Recommendations** For version 3.8.6, as a temporary workaround, consider restricting access to the Project Tasks Section component until a patch is available. Avoid using the `description` argument in the affected component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ruifang-tech Rebuild version 3.8.6 **Description** A vulnerability was found in the Admin Verification Page of the affected software, specifically in the file /user/admin-verify. The issue is related to the manipulation of the `nexturl` argument, which can lead to an open redirect when an input like `http://localhost/evil.html` is used. This can be initiated remotely. The exploit has been publicly disclosed, and the vendor was contacted but did not respond. **Recommendations** For version 3.8.6, consider restricting access to the `/user/admin-verify` page or disabling the `nexturl` argument to minimize the risk of exploitation until a patch is available. Avoid using the `nexturl` argument in the affected page until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** funnyzpc Mee-Admin versions 1.6 and earlier **Description** A problematic issue was found in the Login component, affecting unknown code of the file /mee/login. The manipulation of the `username` argument leads to an observable response discrepancy. The attack can be initiated remotely, with a rather high complexity of attack and difficult exploitation. The issue has been disclosed to the public. **Recommendations** For versions 1.6 and earlier, as a temporary workaround, consider restricting access to the `/mee/login` endpoint until a patch is available. Avoid using the `username` argument in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** ruifang-tech Rebuild version 3.8.5 **Description** A problematic issue was found in the Task Comment Attachment Upload component, affecting an unknown function. This issue leads to cross site scripting and can be exploited remotely. The exploit has been publicly disclosed, and the vendor was contacted about this issue but did not respond. **Recommendations** For version 3.8.5, as a temporary workaround, consider disabling the Task Comment Attachment Upload component until a patch is available. Restrict access to this component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** ruifang-tech Rebuild version 3.8.5 **Description** A problematic issue has been found in the Project Task Comment Handler component, leading to cross-site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted about this disclosure but did not respond. **Recommendations** For ruifang-tech Rebuild version 3.8.5, as a temporary workaround, consider disabling the Project Task Comment Handler component until a patch is available. Restrict access to this component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Dromara UJCMS versions up to 9.6.3 **Description** A problematic vulnerability has been found in Dromara UJCMS, affecting an unknown part of the file `/users/id` of the component User ID Handler. The manipulation leads to authorization bypass. It is possible to initiate the attack remotely. The complexity of an attack is rather high, and the exploitability is told to be difficult. **Recommendations** For versions up to 9.6.3, as a temporary workaround, consider restricting access to the `/users/id` endpoint until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.