Cmaster4

**Name of the Vulnerable Software and Affected Versions** a6mambocredits component (com a6mambocredits) versions 2.0.0 and earlier **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `mosConfig live site` parameter in the admin.a6mambocredits.php file. **Recommendations** For versions 2.0.0 and earlier, consider restricting access to the `admin.a6mambocredits.php` file until a fix is available. Avoid using the `mosConfig live site` parameter in the affected component until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** phpPrintAnalyzer versions 1.2 and earlier **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `ficStyle` parameter in the inc/header.inc.php file. **Recommendations** For phpPrintAnalyzer versions 1.2 and earlier, avoid using the `ficStyle` parameter in the affected API endpoint until the issue is resolved.