Y4G0

**Name of the Vulnerable Software and Affected Versions** Econtrata up to 20250516 **Description** A critical vulnerability was found in Econtrata, affecting an unknown function of the file /valida. The manipulation of the argument `usuario` leads to SQL injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond. **Recommendations** As a temporary workaround, consider restricting access to the vulnerable file /valida until a patch is available. Avoid using the argument `usuario` in the affected function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Drivin Soluções up to 20250226 **Description** A vulnerability was found in Drivin Soluções, affecting the /api/school/registerSchool API endpoint of the API Handler component. The manipulation of the `message` argument leads to cross-site scripting. The attack can be initiated remotely. The vendor was contacted about this disclosure but did not respond. **Recommendations** For Drivin Soluções up to 20250226, as a temporary workaround, consider restricting access to the /api/school/registerSchool API endpoint until a patch is available. Avoid using the `message` argument in this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** AT Software Solutions ATSVD versions up to 3.4.1 **Description** A critical issue affects some unknown functionality of the component Esqueceu a senha. The manipulation of the `txtCPF` argument leads to SQL injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. **Recommendations** Upgrading to version 3.4.2 is able to address this issue. It is recommended to upgrade the affected component. As a temporary workaround, consider restricting the use of the `txtCPF` argument to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Quantico Tecnologia PRMV version 6.48 **Description** A critical vulnerability was found in Quantico Tecnologia PRMV, affecting an unknown part of the file `/admin/login.php` of the component Login Endpoint. The manipulation of the `username` argument leads to SQL injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For Quantico Tecnologia PRMV version 6.48, as a temporary workaround, consider restricting access to the `/admin/login.php` endpoint until a patch is available. Avoid using the `username` argument in the affected Login Endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Control iD RH iD version 25.2.25.0 **Description** A vulnerability was found in the API Handler component of Control iD RH iD, affecting an unknown part of the file /v2/customerdb/person.svc/change password. The manipulation of the `message` argument leads to cross-site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. **Recommendations** As a temporary workaround, consider disabling the API endpoint "/v2/customerdb/person.svc/change password" until a patch is available. Restrict access to the API Handler component to minimize the risk of exploitation. Avoid using the `message` argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Control iD RH iD version 25.2.25.0 **Description** A vulnerability has been found in the PDF Document Handler component of Control iD RH iD, affecting unknown code of the file "/v2/report.svc/comprovante marcacao/?companyId=1". The manipulation of the `nsr` argument leads to improper control of resource identifiers. The attack can be initiated remotely. The vendor was contacted early about this disclosure but did not respond in any way. **Recommendations** As a temporary workaround, consider restricting access to the "/v2/report.svc/comprovante marcacao/" API endpoint until a patch is available. Avoid using the `nsr` argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** AT Software Solutions ATSVD versions up to 3.4.1 **Description** A critical issue was found in the Login Endpoint component, specifically in the /login.aspx file, where manipulation of the `txtUsuario` argument leads to sql injection. This issue can be exploited remotely. **Recommendations** For AT Software Solutions ATSVD versions up to 3.4.1, upgrade to version 3.4.2 to address this issue.

**Name of the Vulnerable Software and Affected Versions** Pixsoft E-Saphira version 1.7.24 **Description** A critical vulnerability has been found in the Login Endpoint component of Pixsoft E-Saphira, affecting the file "/servlet?act=login&tipo=1". The manipulation of the `txtUsuario` argument leads to SQL injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. **Recommendations** As a temporary workaround, consider disabling the `/servlet?act=login&tipo=1` endpoint until a patch is available. Restrict access to the Login Endpoint component to minimize the risk of exploitation. Avoid using the `txtUsuario` argument in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Pixsoft Sol versions 7.6.6a through 7.6.6c **Description** A critical issue affects some unknown processing of the file "/pix projetos/servlet?act=login&submit=1&evento=0&pixrnd=0125021816444195731041" of the component Login Endpoint. The manipulation of the argument `txtUsuario` leads to SQL injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. **Recommendations** For Pixsoft Sol versions 7.6.6a through 7.6.6c, as a temporary workaround, consider disabling the `txtUsuario` argument in the Login Endpoint until a patch is available. Restrict access to the vulnerable Login Endpoint to minimize the risk of exploitation. Avoid using the `txtUsuario` argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Pixsoft Vivaz version 6.0.11 **Description** A vulnerability was found in the Login Endpoint component of Pixsoft Vivaz. The manipulation of the `sistema` argument in the "/servlet?act=login&submit=1&evento=0&pixrnd=0125021817031859360231" endpoint leads to cross-site scripting. This issue can be exploited remotely. The vendor was contacted about this disclosure but did not respond. **Recommendations** As a temporary workaround, consider restricting access to the "/servlet?act=login&submit=1&evento=0&pixrnd=0125021817031859360231" endpoint until a patch is available. Avoid using the `sistema` argument in the affected endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Benner ModernaNet versions up to 1.1.0 **Description** A critical issue affects some unknown functionality of the file /Home/JS CarregaCombo?formName=DADOS PESSOAIS PLANO&additionalCondition=&insideParameters=&elementToReturn=DADOS PESSOAIS PLANO&ordenarPelaDescricao=true&direcaoOrdenacao=asc& =1739290047295. The manipulation leads to sql injection. The attack may be launched remotely. **Recommendations** To address this issue, upgrade to version 1.1.1. It is recommended to upgrade the affected component. As a temporary workaround, consider restricting access to the /Home/JS CarregaCombo API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Benner ModernaNet versions 1.1.0 and earlier **Description** A critical issue has been identified in Benner ModernaNet, affecting unknown code in the file /AGE0000700/GetImageMedico?fooId=1. The manipulation of the `fooId` argument leads to improper control of resource identifiers, allowing remote attacks. Upgrading to version 1.1.1 can address this issue. **Recommendations** For Benner ModernaNet versions 1.1.0 and earlier, upgrade to version 1.1.1 to resolve the issue. As a temporary workaround, consider restricting access to the /AGE0000700/GetImageMedico API endpoint until the update is applied. Avoid using the `fooId` argument in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Benner ModernaNet versions up to 1.1.0 **Description** A vulnerability was found in the processing of the file /DadosPessoais/SG AlterarSenha, leading to cross-site request forgery. The attack may be initiated remotely. Upgrading to version 1.1.1 is able to address this issue. **Recommendations** For Benner ModernaNet versions up to 1.1.0, upgrade to version 1.1.1 to address the issue. As a temporary workaround, consider restricting access to the /DadosPessoais/SG AlterarSenha file until the upgrade is applied.

**Name of the Vulnerable Software and Affected Versions** Benner ModernaNet versions prior to 1.2.1 **Description** A problematic issue has been found, affecting an unknown function of the file /DadosPessoais/SG Gravar. The manipulation of the `idItAg` argument leads to cross-site request forgery. This issue can be exploited remotely. **Recommendations** For versions prior to 1.2.1, upgrade to version 1.2.1 to address this issue. As a temporary workaround, consider restricting access to the /DadosPessoais/SG Gravar file until the upgrade is applied.

**Name of the Vulnerable Software and Affected Versions** Benner Connecta version 1.0.5330 **Description** A critical issue was discovered in the software, affecting an unknown functionality related to the file /Usuarios/Usuario/EditarLogado/. The manipulation of the `Handle` argument leads to improper control of resource identifiers, allowing for remote attacks. The vendor was contacted about this issue but did not respond. **Recommendations** For Benner Connecta version 1.0.5330, as a temporary workaround, consider restricting access to the /Usuarios/Usuario/EditarLogado/ file until a patch is available. Avoid manipulating the `Handle` argument in this context to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Benner ModernaNet versions 1.1.0 and earlier **Description** A critical issue has been found in Benner ModernaNet, affecting an unknown part of the file `/AGE0000700/GetHorariosDoDia?idespec=0&idproced=1103&data=2025-02-25+19%3A25&agserv=0&convenio=1&localatend=1&idplano=5&pesfis=01&idprofissional=0&target=.horarios--dia--d0& =1739371223797`. The manipulation leads to SQL injection, and it is possible to initiate the attack remotely. Upgrading to version 1.1.1 can address this issue. **Recommendations** To resolve the issue, upgrade to version 1.1.1. As a temporary workaround, consider restricting access to the vulnerable API endpoint `/AGE0000700/GetHorariosDoDia` until the update is applied. Avoid using the parameters `idespec`, `idproced`, `data`, `agserv`, `convenio`, `localatend`, `idplano`, `pesfis`, `idprofissional`, and `target` in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Zenvia Movidesk versions prior to 25.01.22.245a473c54 **Description** A problematic issue has been found in the New Ticket Handler component, where the manipulation of the `subject` argument leads to cross-site scripting. This can be initiated remotely. **Recommendations** For versions prior to 25.01.22.245a473c54, upgrade to version 25.01.22.245a473c54 to address this issue. As a temporary workaround, consider restricting the manipulation of the `subject` argument in the New Ticket Handler component until the upgrade is applied.

**Name of the Vulnerable Software and Affected Versions** Zenvia Movidesk versions prior to 25.01.22.245a473c54 **Description** A problematic issue was found in Zenvia Movidesk, affecting some unknown functionality of the file /Account/EditProfile of the component Profile Editing. The manipulation of the `username` argument leads to cross-site scripting. The attack may be launched remotely. **Recommendations** For versions prior to 25.01.22.245a473c54, upgrade to version 25.01.22.245a473c54 to address this issue. As a temporary workaround, consider restricting access to the /Account/EditProfile endpoint until the upgrade is applied. Avoid using the `username` argument in the affected endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Zenvia Movidesk versions up to 25.01.22 **Description** A vulnerability was found in Zenvia Movidesk, affecting an unknown functionality of the file /Account/Login. The manipulation of the `ReturnUrl` argument leads to open redirect. The attack can be launched remotely. **Recommendations** For Zenvia Movidesk versions up to 25.01.22, upgrade to version 25.01.22.245a473c54 to address this issue. As a temporary workaround, consider restricting access to the `/Account/Login` endpoint until the upgrade is applied. Avoid using the `ReturnUrl` argument in the affected endpoint until the issue is resolved.