Disfigure

Name of the Vulnerable Software and Affected Versions: Coppermine Photo Gallery version 1.4.9 Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `aid` parameter in the picmgr.php file. Recommendations: For Coppermine Photo Gallery version 1.4.9, avoid using the `aid` parameter in the picmgr.php file until a patch is available. Consider restricting access to the picmgr.php file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Simplog version 0.9.3.1 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `cid` parameter in the comments.php file. **Recommendations** For Simplog version 0.9.3.1, consider restricting access to the comments.php file or the `cid` parameter to minimize the risk of exploitation until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Moodle version 1.6.2 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved by providing a double-encoded tag parameter in the blog/index.php file within the blog module. **Recommendations** For Moodle version 1.6.2, consider restricting access to the blog module until a fix is available, and avoid using double-encoded tag parameters in the blog/index.php file to minimize the risk of exploitation.