Vuldb

**Name of the Vulnerable Software and Affected Versions** SourceCodester Ship Ferry Ticket Reservation System version 1.0 **Description** An improper authorization issue exists in the `/admin/` file. Manipulation of the `page` argument allows for remote exploitation. **Recommendations** Avoid using the `page` argument in the `/admin/` file until the issue is resolved.

Name of the Vulnerable Software and Affected Versions vanna-ai vanna versions up to 2.0.2 Description A flaw exists in the FastAPI/Flask Server component of vanna-ai vanna. A manipulation can lead to a permissive cross-domain policy with untrusted domains, allowing for remote attacks. The exploit has been published. Recommendations Update vanna-ai vanna to a version later than 2.0.2.

Name of the Vulnerable Software and Affected Versions vanna-ai vanna versions up to 2.0.2 Description A security issue exists in vanna-ai vanna, specifically within the Chat API Endpoint component. A manipulation of the `/api/vanna/v2/` file results in missing authentication. This can be exploited remotely. The exploit is publicly available. Recommendations Update to a version beyond 2.0.2.

Name of the Vulnerable Software and Affected Versions Cesanta Mongoose versions up to 7.20 Description A flaw exists in the TLS 1.3 Handler component of Cesanta Mongoose, specifically within the `mg tls recv cert` function in the `mongoose.c` file. Manipulation of the `pubkey` argument can lead to a heap-based buffer overflow, potentially allowing for remote attacks. Recommendations Upgrade to version 7.21 or later.

Name of the Vulnerable Software and Affected Versions Nothings stb versions up to 1.22 Description A vulnerability exists in Nothings stb up to version 1.22 related to resource allocation within the `setup free` function in the `stb vorbis.c` file. This issue is potentially exploitable remotely. The exploit is publicly available. Recommendations Versions prior to 1.22: There is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions AlejandroArciniegas mcp-data-vis (affected versions not specified) Description A SQL injection issue exists in the `Request` function within the `src/servers/database/server.js` file of the MCP Handler component. This manipulation can be initiated remotely. The exploit has been publicly disclosed. The product uses a rolling release model, so specific version information is unavailable. Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions Nothings stb versions up to 1.22 Description A security flaw exists in Nothings stb, specifically within the `start decoder` function of the `stb vorbis.c` file. This flaw results in an out-of-bounds write, and can be exploited remotely. The exploit has been publicly released. Recommendations Versions prior to 1.23: There is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions Nothings stb versions up to 1.26 Description A flaw exists in Nothings stb, specifically within the `stbtt buf get8` function located in the `stb truetype.h` library of the TTF File Handler component. This issue can lead to an out-of-bounds read. The vulnerability is remotely exploitable and has been publicly disclosed. The vendor was notified but did not respond. Recommendations Versions prior to 1.26 should be updated.

Name of the Vulnerable Software and Affected Versions Harvard University IQSS Dataverse versions up to 6.8 Description A flaw exists in Harvard University IQSS Dataverse that allows for unrestricted file upload through manipulation of the `uploadLogo` argument in the `/ThemeAndWidgets.xhtml` file within the Theme Customization component. This issue is publicly exploitable. Recommendations Upgrade to version 6.10 or later.

Name of the Vulnerable Software and Affected Versions Iperius Backup versions up to 8.7.2 Description A security issue was found in Enter Software Iperius Backup up to version 8.7.2. The issue involves manipulation of the file `IperiusAccounts.ini` and leads to the use of a hard-coded cryptographic key. The attack requires local access and is considered to be of high complexity and difficult to exploit. The exploit is publicly available. Recommendations Upgrade to version 8.7.4 or later.

Name of the Vulnerable Software and Affected Versions welovemedia FFmate versions up to 2.0.15 Description A security issue exists in welovemedia FFmate up to version 2.0.15 related to cross site scripting. The issue is located in the file `/ui/app/components/AppJsonTreeView.vue` within the Webhook Handler component. The manipulation of some unknown functionality leads to cross site scripting and can be initiated remotely. The exploit has been publicly disclosed. Recommendations Update to a version later than 2.0.15.

Name of the Vulnerable Software and Affected Versions Sanster IOPaint version 1.5.3 Description A path traversal issue exists in the File Manager component of Sanster IOPaint version 1.5.3, specifically within the ` get file` function of the `iopaint/file manager/file manager.py` file. Manipulation of the `filename` argument can lead to path traversal. The exploit has been made public and is possible to be carried out remotely. The vendor was contacted but did not respond. Recommendations Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, restrict access to the `iopaint/file manager/file manager.py` file.

Name of the Vulnerable Software and Affected Versions Nothings stb versions up to 2.30 Description A flaw exists in Nothings stb, specifically within the GIF Decoder component, affecting the `stbi gif load next` function in the `stb image.h` library. This can lead to a denial of service. The exploit has been publicly disclosed. The vendor was informed but did not respond. Recommendations Update to a version later than 2.30.

Name of the Vulnerable Software and Affected Versions z-9527 admin versions 1.0 through 2.0 Description A flaw exists in z-9527 admin versions 1.0 through 2.0 within the User Update Endpoint component, specifically affecting an unknown function in the `/server/routes/user.js` file. Manipulation of the `isAdmin` argument with the input `1` results in dynamically-determined object attributes. This issue is remotely exploitable, and an exploit is publicly available. The vendor was contacted but did not respond. Recommendations Versions prior to 2.0 should be updated. As a temporary workaround, consider restricting access to the `/server/routes/user.js` file or disabling the affected function until a patch is available.

Name of the Vulnerable Software and Affected Versions Shandong Hoteam InforCenter PLM versions up to 8.3.8 Description A flaw exists in the function `uploadFileToIIS` within the file `/Base/BaseHandler.ashx` of Shandong Hoteam InforCenter PLM. Manipulation of the `File` argument allows for unrestricted file uploads, potentially exploitable remotely. The exploit is publicly available. Recommendations Update to a version beyond 8.3.8.

Name of the Vulnerable Software and Affected Versions z-9527 admin versions 1.0 through 2.0 Description A security flaw has been discovered in z-9527 admin versions 1.0 and 2.0. The issue affects an unknown function within the `/server/routes/message.js` file of the Message Create Endpoint component. Manipulation of this component can lead to cross site scripting. The attack can be initiated remotely. The exploit has been released publicly and may be used for attacks. The vendor was contacted regarding this disclosure but did not respond. Recommendations For z-9527 admin version 1.0, address the cross site scripting issue in the `/server/routes/message.js` file of the Message Create Endpoint component. For z-9527 admin version 2.0, address the cross site scripting issue in the `/server/routes/message.js` file of the Message Create Endpoint component.

Name of the Vulnerable Software and Affected Versions gougucms version 4.08.18 Description A flaw exists in gougucms version 4.08.18 within the User Registration Handler component. Specifically, the `reg submit` function in the file gougucms-masterapphomecontrollerLogin.php is susceptible to manipulation of the `level` argument, resulting in dynamically-determined object attributes. This issue can be exploited remotely. The exploit has been publicly disclosed. Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions gougucms version 4.08.18 Description A cross-site scripting issue exists in gougucms 4.08.18. The issue is located in an unknown function of the file `gougucms-masterappadminviewuserrecord.html` within the Record Endpoint component. Manipulation of the `value.content` argument can lead to cross-site scripting. The attack can be initiated remotely, and the exploit has been publicly released. The vendor was contacted but did not respond. Recommendations For gougucms version 4.08.18, address the cross-site scripting issue by sanitizing the `value.content` argument in the `gougucms-masterappadminviewuserrecord.html` file of the Record Endpoint component.

Name of the Vulnerable Software and Affected Versions bufanyun HotGo versions 1.0 through 2.0 Description A weakness exists in bufanyun HotGo versions 1.0 and 2.0. The issue affects an unknown functionality within the `/web/src/layout/components/Header/MessageList.vue` file of the `editNotice` endpoint component. Manipulating this functionality can lead to cross site scripting (XSS). The attack can be launched remotely, and an exploit is publicly available. The vendor was contacted regarding this disclosure but did not respond. Recommendations For versions 1.0 and 2.0, address the vulnerability in the `/web/src/layout/components/Header/MessageList.vue` file of the `editNotice` endpoint component to prevent cross site scripting.

Name of the Vulnerable Software and Affected Versions Nothings stb versions up to 1.26 Description A flaw exists in Nothings stb, specifically within the TTF File Handler component, impacting the `stbtt InitFont internal` function in the `stb truetype.h` library. A manipulation of the function can lead to an out-of-bounds read. Remote exploitation is possible, and details of the exploit have been publicly disclosed. Attempts to contact the vendor regarding this issue were unsuccessful. Recommendations Update Nothings stb to a version newer than 1.26.