D3Nger

**Name of the Vulnerable Software and Affected Versions** PHProjekt version 0.6.1 **Description** The issue allows remote attackers to execute arbitrary PHP code via the `path pre` parameter in several PHP files, including `cm lib.inc.php`, `doc/br.edithelp.php`, `doc/de.edithelp.php`, `doc/ct.edithelp.php`, `userrating.php`, and `listing.php`, when `register globals` is enabled. However, the impact of some vectors has been disputed, with claims that the `cm lib.inc.php` vector is limited to local file inclusion and that the `path pre` variable is initialized before use in the other vectors. **Recommendations** For PHProjekt version 0.6.1, consider disabling the `register globals` setting to prevent exploitation. Additionally, restrict access to the affected PHP files until a patch is available. As a temporary workaround, avoid using the `path pre` parameter in the affected API endpoints until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Jupiter CMS version 1.1.5 **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `template` parameter in the index.php file. However, it's noted that the `$template` variable is defined as a static value before it is referenced in an include statement, which disputes the claim of a remote file inclusion vulnerability. **Recommendations** For Jupiter CMS version 1.1.5, as a temporary workaround, consider restricting access to the `index.php` file or validating the `template` parameter to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PHlyMail Lite versions 3.4.4 and earlier **Description** A remote file inclusion issue allows attackers to execute arbitrary PHP code via a URL in the ` PM [path][handler]` parameter. This is a different attack vector. Note that this issue has been disputed by a third party, citing the ` IN PHM ` declaration as a preventative measure against direct file calls. **Recommendations** For PHlyMail Lite versions 3.4.4 and earlier, consider restricting access to the `handlers/email/mod.output.php` file until a fix is available. As a temporary workaround, avoid using the ` PM [path][handler]` parameter in URLs to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.