Dnx

**Name of the Vulnerable Software and Affected Versions** w3b|cms Gaestebuch Guestbook Module version 3.0.0 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is possible due to a SQL injection vulnerability when the `magic quotes gpc` setting is disabled. The vulnerability can be exploited via the `spam id` parameter. **Recommendations** For version 3.0.0, consider disabling the `includes/module/book/index.inc.php` module until a patch is available, or restrict access to it to minimize the risk of exploitation. Avoid using the `spam id` parameter in the affected module until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Ktools PhotoStore versions 2.5 through 3.5.2 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `id` parameter in the manager/image details editor.php file. **Recommendations** For versions 2.5 through 3.5.2, consider restricting access to the `id` parameter in the manager/image details editor.php file until a patch is available. As a temporary workaround, avoid using the `id` parameter in the affected file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Ktools PhotoStore versions 3.4.3 through 3.5.2 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `gid` parameter to the "about us.php" endpoint. **Recommendations** For versions 3.4.3 through 3.5.2, consider restricting access to the "about us.php" endpoint to minimize the risk of exploitation. Avoid using the `gid` parameter in the affected endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** w3b>cms (aka w3blabor CMS) versions prior to 3.4.0 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `benutzername` parameter in a login action, specifically when `magic quotes gpc` is disabled. **Recommendations** For versions prior to 3.4.0, update to version 3.4.0 or later to resolve the issue. As a temporary workaround, consider enabling `magic quotes gpc` to mitigate the risk of SQL injection attacks. Additionally, restrict access to the admin/index.php page to minimize the risk of exploitation. Avoid using the `benutzername` parameter in the login action until the issue is resolved.

Name of the Vulnerable Software and Affected Versions: UltraStats versions 0.2.136 through 0.2.142 Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `id` parameter in the players-detail.php file. Recommendations: For versions 0.2.136 through 0.2.142, avoid using the `id` parameter in the affected players-detail.php file until a fix is available. Consider restricting access to this file to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: pSys version 0.7.0 Alpha Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `showid` parameter in the chatbox.php file when magic quotes gpc is disabled. Recommendations: For pSys version 0.7.0 Alpha, consider disabling the chatbox.php file or restricting access to it until a patch is available. Additionally, enabling magic quotes gpc can help mitigate the risk of exploitation. Avoid using the `showid` parameter in the chatbox.php file until the issue is resolved.

Name of the Vulnerable Software and Affected Versions: Xomol CMS version 1.20071213 Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `email` parameter in the "index.php" file when `magic quotes gpc` is disabled. Recommendations: For Xomol CMS version 1.20071213, consider disabling the `email` parameter in the "index.php" file until a patch is available. Restrict access to the "index.php" file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Xomol CMS version 1.20071213 Description: A directory traversal issue exists, allowing remote attackers to include and execute arbitrary local files. This is achieved by using a .. (dot dot) in the `op` parameter of the index.php file. Recommendations: For Xomol CMS version 1.20071213, as a temporary workaround, consider restricting access to the `op` parameter in the index.php file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** AuraCMS version 2.2 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `albums` parameter in the `/gallery/ajax/gallery data.php` endpoint. **Recommendations** For AuraCMS version 2.2, consider restricting access to the `/gallery/ajax/gallery data.php` endpoint until a patch is available. As a temporary workaround, avoid using the `albums` parameter in this endpoint to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** PHP ZLink version 0.3 **Description** A SQL injection issue allows remote attackers to execute arbitrary SQL commands. This is achieved by manipulating the `id` parameter. **Recommendations** For PHP ZLink version 0.3, avoid using the `id` parameter in the go.php file until a fix is available. Consider validating and sanitizing user input to prevent SQL injection attacks.

**Name of the Vulnerable Software and Affected Versions** actSite version 1.991 Beta **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `BaseCfg[BaseDir]` parameter in the lib/base.php file. **Recommendations** For actSite version 1.991 Beta, consider restricting access to the `lib/base.php` file and avoid using the `BaseCfg[BaseDir]` parameter in URLs until a patch is available. As a temporary workaround, restrict the use of the `BaseCfg[BaseDir]` parameter to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** actSite version 1.56 **Description** The issue allows remote attackers to include and execute arbitrary local files. This is achieved by using a .. (dot dot) in the `do` parameter of the phpinc/news.php file, enabling directory traversal. **Recommendations** For actSite version 1.56, consider restricting access to the phpinc/news.php file until a patch is available. As a temporary workaround, avoid using the `do` parameter in the affected file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** PHPNuke-Clan (PNC) versions 4.2.0 and earlier **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `vwar root` parameter. This is a different vector than previously identified issues. It is possible that this issue stems from a problem in VWar itself. **Recommendations** For PHPNuke-Clan (PNC) versions 4.2.0 and earlier, consider restricting access to the `convert/mvcw conver.php` file in the Virtual War (VWar) module until a patch is available. As a temporary workaround, avoid using the `vwar root` parameter in the affected module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

PHP remote file inclusion vulnerability in convert/mvcw.php in Virtual War (VWar) 1.5.0 R15 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the vwar root parameter, a different vector than CVE-2006-1503, CVE-2006-1636, and CVE-2006-1747.

**Name of the Vulnerable Software and Affected Versions** Imageview version 5.3 **Description** A directory traversal issue exists, allowing remote attackers to read arbitrary files. This is achieved by using a .. (dot dot) in the `album` parameter of the fileview.php file. **Recommendations** For Imageview version 5.3, consider restricting access to the fileview.php file until a patch is available, or apply configuration changes to prevent directory traversal attacks, such as validating and sanitizing user input for the `album` parameter.

**Name of the Vulnerable Software and Affected Versions** Magic CMS version 4.2.747 **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `file` parameter in the mysave.php file. **Recommendations** For Magic CMS version 4.2.747, consider restricting access to the mysave.php file to minimize the risk of exploitation. Avoid using the `file` parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

SQL injection vulnerability in printview.php in webSPELL 4.01.02 and earlier allows remote attackers to execute arbitrary SQL commands via the topic parameter, a different vector than CVE-2007-1019, CVE-2006-5388, and CVE-2006-4783.

Name of the Vulnerable Software and Affected Versions: webSPELL version 4.01.02 Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `showonly` parameter to the "index.php" endpoint, specifically when `register globals` is enabled. Recommendations: For webSPELL version 4.01.02, consider disabling the `register globals` setting to mitigate the risk of SQL injection attacks. Additionally, restrict access to the `index.php` endpoint to minimize the risk of exploitation, especially when the `showonly` parameter is used.