Bludit · Bludit · CVE-2020-23765
Name of the Vulnerable Software and Affected Versions:
Bludit version 3.12.0
Description:
A file upload issue was found in the file /bl-plugins/backup/plugin.php. An attacker who gains Administrator rights can use unsafe plugins to upload a backup file and take control of the server.
Recommendations:
For Bludit version 3.12.0, consider restricting access to the /bl-plugins/backup/plugin.php file until a patch is available. As a temporary workaround, limit the use of unsafe plugins to minimize the risk of exploitation.