Yyjccc

**Name of the Vulnerable Software and Affected Versions** redragon-erp version 1.0 **Description** The software contains a Shiro deserialization issue stemming from the use of a default Shiro key. This could allow for unauthorized access or control of the system. **Recommendations** Replace the default Shiro key with a strong, randomly generated key.

Name of the Vulnerable Software and Affected Versions: fcba zzm ics-park Smart Park Management System version 2.0 Description: A code injection vulnerability exists in the Scheduled Task Module of the fcba zzm ics-park Smart Park Management System. The issue is located in an unknown function within the `ruoyi-quartz/src/main/java/com/ruoyi/quartz/controller/JobController.java` file. This manipulation can be performed remotely. The exploit for this issue has been publicly disclosed. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** fcba zzm ics-park Smart Park Management System version 2.0 **Description** A security flaw has been discovered that allows for unrestricted file upload. The vulnerability affects unknown code within the `FileUploadUtils.java` file. The manipulation of the `File` argument enables the unrestricted upload of files, and the attack can be launched remotely. The exploit has been released publicly. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.