Yohane-Mashiro

**Name of the Vulnerable Software and Affected Versions** Dromara Sa-Token versions prior to 1.45.0 **Description** A flaw exists in Dromara Sa-Token up to version 1.44.0 related to deserialization. The issue is located in the `ObjectInputStream.readObject` function within the `SaSerializerTemplateForJdkUseBase64.java` file. This allows for remote manipulation with high complexity and difficult exploitability. The exploit has been publicly disclosed. The vendor was informed but did not respond. **Recommendations** Update Dromara Sa-Token to version 1.45.0 or later. As a temporary workaround, consider restricting access to the `SaSerializerTemplateForJdkUseBase64.java` file.

**Name of the Vulnerable Software and Affected Versions** Dromara Sa-Token versions up to 1.44.0 **Description** A weakness exists in Dromara Sa-Token up to version 1.44.0 related to deserialization. The issue affects the `ObjectInputStream.readObject` function within the `SaJdkSerializer.java` file. Exploitation can lead to deserialization and may be launched remotely. The complexity of the attack is high, and exploitability is considered difficult. The vendor was contacted regarding this disclosure but did not respond. **Recommendations** Versions prior to 1.44.0 should be used.

**Name of the Vulnerable Software and Affected Versions** grav versions prior to 1.7.49.5 **Description** A Server-Side Request Forgery (SSRF) issue exists in grav. The issue occurs when page content is processed by Twig templates, and the configuration allows undefined PHP functions to be registered. This can be triggered via Twig templates. SSRF allows an attacker to cause the server to make requests to unintended locations. **Recommendations** Update grav to version 1.7.49.5 or later.

**Name of the Vulnerable Software and Affected Versions** grav versions prior to 1.7.49.5 **Description** The software contains a Stored Cross-Site Scripting issue within the page editing functionality. An authenticated, low-privileged user who has permission to edit content can inject malicious JavaScript payloads into editable fields. This payload is stored on the server and executed when another user views or edits the affected page. **Recommendations** Update to version 1.7.49.5 or later.

**Name of the Vulnerable Software and Affected Versions** code-projects Computer Laboratory System version 1.0 **Description** A flaw exists in code-projects Computer Laboratory System 1.0 that allows for unrestricted file uploads through manipulation of the `image` argument in the `technical staff pic.php` file. This issue can be exploited remotely. The exploit details have been publicly disclosed. **Recommendations** Apply restrictions to file uploads in the `technical staff pic.php` file. Sanitize the `image` argument to prevent unrestricted uploads. Disable or restrict access to the `technical staff pic.php` file as a temporary measure.

**Name of the Vulnerable Software and Affected Versions** code-projects Computer Laboratory System version 1.0 **Description** A flaw exists in the processing of the `admin/admin pic.php` file. Manipulation of the `image` argument allows for unrestricted file upload, potentially enabling remote attacks. The exploit for this issue has been published. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** code-projects Online Bidding System version 1.0 **Description** A weakness exists in code-projects Online Bidding System 1.0 that allows for unrestricted file upload. This issue is present in the `categoryadd` function within the `/administrator/addcategory.php` file. The manipulation of the `catimage` argument enables this functionality. The exploit for this issue has been publicly released and is available for use. **Recommendations** Apply any available updates or patches for code-projects Online Bidding System version 1.0. As a temporary workaround, restrict access to the `/administrator/addcategory.php` file. Consider temporarily disabling the `categoryadd` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** code-projects Blog Site version 1.0 **Description** A security issue exists in code-projects Blog Site 1.0 where manipulation of an unknown function within the `/admin.php` file can lead to improper authorization. This allows for remote initiation of the attack. The exploit is publicly available. Multiple API endpoints are affected. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** code-projects Blog Site version 1.0 **Description** A security issue exists in code-projects Blog Site 1.0 related to the Category Handler component. Manipulation of the argument name/field within the `category exists` function, located in the file `/resources/functions/blog.php`, can lead to SQL injection. The attack can be performed remotely. The exploit has been publicly disclosed and may be used. Multiple API endpoints are affected. The `name/field` argument is vulnerable. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.