Willchen

**Name of the Vulnerable Software and Affected Versions** itsourcecode Courier Management System version 1.0 **Description** A SQL injection issue exists in the '/edit parcel.php' file. Remote attackers can exploit this by manipulating the `ID` argument. SQL injection is a type of vulnerability that allows an attacker to interfere with the queries that an application makes to its database. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, restrict access to the '/edit parcel.php' file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** itsourcecode Construction Management System version 1.0 **Description** An issue exists in the processing of the '/locations.php' endpoint. A remote attacker can perform a SQL injection—a technique where malicious SQL statements are inserted into entry fields for execution—by manipulating the `address` parameter. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, restrict access to the '/locations.php' file or avoid using the `address` parameter until a patch is available.

**Name of the Vulnerable Software and Affected Versions** itsourcecode Construction Management System version 1.0 **Description** A remote SQL injection exists in the '/execute1.php' endpoint. This issue occurs due to improper handling of the `code` argument, allowing an attacker to manipulate database queries. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to the '/execute1.php' file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** itsourcecode Construction Management System version 1.0 **Description** A remote SQL injection exists in the '/execute.php' endpoint. The issue is caused by the improper handling of the `code` argument, allowing an attacker to manipulate database queries. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** itsourcecode Courier Management System version 1.0 **Description** A SQL injection issue exists in the file '/edit branch.php'. A remote attacker can exploit this by manipulating the `ID` argument. SQL injection is a technique where malicious SQL statements are inserted into entry fields for execution, potentially allowing unauthorized access to or manipulation of the database. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Campcodes Online Examination System version 1.0 **Description** A critical issue affects the processing of the file /adminpanel/admin/facebox modal/updateCourse.php. The manipulation of the `id` argument leads to sql injection. The attack may be initiated remotely. **Recommendations** For Campcodes Online Examination System version 1.0, consider disabling the `updateCourse.php` file or restricting access to it until a patch is available. Avoid using the `id` argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Campcodes Online Examination System version 1.0 **Description** A problematic vulnerability was found in the system, affecting an unknown functionality of the file /adminpanel/admin/facebox modal/updateCourse.php. The manipulation of the `id` argument leads to cross-site scripting. The attack can be launched remotely. **Recommendations** For Campcodes Online Examination System version 1.0, consider restricting access to the /adminpanel/admin/facebox modal/updateCourse.php file until a patch is available. As a temporary workaround, avoid using the `id` argument in the affected file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Campcodes Online Examination System version 1.0 **Description** A problematic vulnerability has been found in the system, affecting an unknown function of the file /adminpanel/admin/facebox modal/updateExaminee.php. The manipulation of the `id` argument leads to cross-site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For Campcodes Online Examination System version 1.0, consider disabling the `id` argument in the /adminpanel/admin/facebox modal/updateExaminee.php file as a temporary workaround until a patch is available. Restrict access to the updateExaminee.php file to minimize the risk of exploitation. Avoid using the `id` argument in the affected file until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Lightxun IPTV Gateway versions up to 20231208 **Description** A vulnerability was found in the processing of the file /ZHGXTV/index.php/admin/index/web upload template.html. The manipulation of the `file` argument leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For versions up to 20231208, as a temporary workaround, consider restricting access to the /ZHGXTV/index.php/admin/index/web upload template.html file until a patch is available. Avoid using the `file` argument in the affected file until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tongda OA versions 2017 up to 11.9 **Description** A critical issue affects an unknown functionality of the file general/work plan/manage/delete all.php. The manipulation of the `DELETE STR` argument leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. **Recommendations** For Tongda OA versions 2017 up to 11.9, consider disabling access to the `delete all.php` file or restricting the use of the `DELETE STR` argument until a patch is available. As a temporary workaround, avoid using the `DELETE STR` argument in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Netentsec NS-ASG Application Security Gateway version 6.3.1 **Description** A critical issue has been found in the Netentsec NS-ASG Application Security Gateway. This issue affects the file /admin/singlelogin.php?submit=1 and is related to the manipulation of the `loginId` argument, which leads to sql injection. The attack can be initiated remotely. **Recommendations** For version 6.3.1, consider disabling access to the /admin/singlelogin.php endpoint until a patch is available. Restrict the use of the `loginId` argument in this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Hikvision Intercom Broadcasting System versions 3.0.3 20201113 RELEASE(HIK) **Description** A critical issue exists in Hikvision Intercom Broadcasting System. The issue affects unknown code within the `/php/ping.php` file. Manipulating the `jsondata[ip]` parameter with the input `netstat -ano` results in operating system command injection. The exploit for this issue is publicly available. **Recommendations** Upgrade to version 4.1.0 to address this issue.

**Name of the Vulnerable Software and Affected Versions** Hikvision Intercom Broadcasting System version 3.0.3 20201113 RELEASE(HIK) **Description** A vulnerability was found in the Log File Handler component, affecting an unknown part of the file `access/html/system.html`. The manipulation leads to information disclosure. The exploit has been disclosed to the public and may be used. **Recommendations** For Hikvision Intercom Broadcasting System version 3.0.3 20201113 RELEASE(HIK), upgrade to version 4.1.0 to address this issue. It is recommended to upgrade the affected component. As a temporary workaround, consider restricting access to the `access/html/system.html` file until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Hikvision Intercom Broadcasting System versions 3.0.3 20201113 RELEASE(HIK) through 3.0.3 20201113 RELEASE(HIK) **Description** A vulnerability was found in the Hikvision Intercom Broadcasting System, affecting some unknown functionality of the file /php/exportrecord.php. The manipulation of the `downname` argument with a specific input leads to path traversal. The exploit has been disclosed to the public and may be used. **Recommendations** For Hikvision Intercom Broadcasting System version 3.0.3 20201113 RELEASE(HIK), upgrade to version 4.1.0 to address this issue. As a temporary workaround, consider restricting access to the `/php/exportrecord.php` file until the upgrade is applied. Additionally, avoid using the `downname` argument in the affected file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Hongjing e-HR 2020 **Description** A critical issue has been identified in Hongjing e-HR 2020. The problem resides in an unknown function within the file `/w selfservice/oauthservlet/%2e./.%2e/general/inform/org/loadhistroyorgtree` of the Login Interface component. Manipulation of the `parentid` argument allows for SQL injection. The attack can be initiated remotely. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tongda OA versions 2017 up to 11.10 **Description** A critical issue has been found in an unknown functionality of the file general/wiki/cp/manage/delete.php. The manipulation of the `TERM ID STR` argument leads to SQL injection. The issue has been publicly disclosed. **Recommendations** For Tongda OA versions 2017 up to 11.10, consider restricting access to the delete.php file in the general/wiki/cp/manage directory as a temporary workaround until a patch is available. Avoid using the `TERM ID STR` argument in the affected functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Tongda OA 2017 versions up to 11.9 **Description** A critical issue was found in some unknown functionality of the file general/notify/manage/delete.php. The manipulation of the `DELETE STR` argument leads to sql injection. The issue has been publicly disclosed and may be exploited. **Recommendations** For Tongda OA 2017 versions up to 11.9, upgrade to version 11.10 to address this issue. As a temporary workaround, consider restricting access to the file general/notify/manage/delete.php until the upgrade is applied.

**Name of the Vulnerable Software and Affected Versions** Byzoro S210 up to 20231123 Beijing Baichuo S210 up to 20231123 **Description** A critical vulnerability affects the HTTP POST Request Handler component, specifically the file /Tool/uploadfile.php. The manipulation of the `file upload` argument leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond. **Recommendations** For Byzoro S210 up to 20231123, consider restricting access to the /Tool/uploadfile.php file to minimize the risk of exploitation. For Beijing Baichuo S210 up to 20231123, consider disabling the HTTP POST Request Handler component until a patch is available. As a temporary workaround, avoid using the `file upload` argument in the affected API endpoint until the issue is resolved.