Fuzion

Name of the Vulnerable Software and Affected Versions: PHP Link Directory (phpLD) version 3.3 Description: The issue allows remote attackers to execute arbitrary SQL commands. This is possible when register globals is enabled and magic quotes gpc is disabled. The exploitation occurs via the `name` parameter. Recommendations: For PHP Link Directory (phpLD) version 3.3, consider disabling the register globals setting and enabling magic quotes gpc to prevent exploitation. Additionally, restrict access to the `name` parameter in the affected page.php file until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Jaws version 0.8.8 **Description** A directory traversal issue exists, allowing remote authenticated users to read arbitrary files. This is achieved by using a .. (dot dot) in the `language`, `Introduction complete`, and `use log` parameters. **Recommendations** For Jaws version 0.8.8, as a temporary workaround, consider restricting access to the `index.php` file until a patch is available. Avoid using the `language`, `Introduction complete`, and `use log` parameters in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** OpenGoo version 1.1 **Description** The issue allows remote attackers to read arbitrary files due to a directory traversal vulnerability in the upgrade/index.php file. This occurs when register globals is enabled and magic quotes gpc is disabled. The vulnerability can be exploited via a .. (dot dot) in the `form data[script class]` parameter. **Recommendations** For OpenGoo version 1.1, consider disabling the register globals setting and enabling magic quotes gpc to mitigate the risk. Additionally, restrict access to the upgrade/index.php file until a patch is available. Avoid using the `form data[script class]` parameter in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** ITLPoll version 2.7 Stable 2 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is possible when the `magic quotes gpc` setting is disabled. The `id` parameter is used in the exploitation. **Recommendations** For ITLPoll version 2.7 Stable 2, consider enabling the `magic quotes gpc` setting to prevent SQL injection attacks. Additionally, restrict access to the `id` parameter in the `index.php` file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Injader versions prior to 2.1.2 **Description** A SQL injection issue allows remote attackers to execute arbitrary SQL commands via the `id` parameter in the "feeds.php" file. **Recommendations** For versions prior to 2.1.2, update to version 2.1.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the "feeds.php" file or avoiding the use of the `id` parameter until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Constructr CMS versions 3.02.5 and earlier **Description** The issue allows remote attackers to create or read arbitrary files via directory traversal sequences in the `edit file` parameter, when `register globals` is enabled and `magic quotes gpc` is disabled. **Recommendations** For Constructr CMS versions 3.02.5 and earlier, consider disabling the `register globals` setting and enabling `magic quotes gpc` to mitigate the risk of exploitation. Additionally, restrict access to the `backend/template.php` file to minimize the risk of arbitrary file creation or reading. Avoid using the `edit file` parameter in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** ClaSS versions prior to 0.8.61 **Description** A directory traversal issue exists, allowing remote attackers to read arbitrary files. This is achieved by using directory traversal sequences in the `ftype` parameter of the scripts/export.php file. **Recommendations** For versions prior to 0.8.61, update to version 0.8.61 or later to resolve the issue. As a temporary workaround, consider restricting access to the scripts/export.php file until the update is applied. Avoid using the `ftype` parameter in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Constructr CMS versions 3.02.5 and earlier **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is possible when register globals is enabled and magic quotes gpc is disabled. The `show page` parameter is used for the attack. **Recommendations** For Constructr CMS versions 3.02.5 and earlier, disable the register globals setting and enable magic quotes gpc to prevent exploitation. Additionally, restrict access to the `index.php` file and avoid using the `show page` parameter until a fix is available.

**Name of the Vulnerable Software and Affected Versions** Constructr CMS versions 3.02.5 and earlier **Description** The issue allows context-dependent attackers to obtain sensitive information by reading the hash column in a MySQL database, as passwords are stored in cleartext. **Recommendations** For Constructr CMS versions 3.02.5 and earlier, consider updating the password storage mechanism to hash and salt passwords, and restrict access to the MySQL database to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** BloofoxCMS version 0.3.4 **Description** A directory traversal issue exists, allowing remote attackers to read arbitrary files. This is achieved via the `lang`, `theme`, and `module` parameters in the plugins/spaw2/dialogs/dialog.php file. **Recommendations** For BloofoxCMS version 0.3.4, restrict access to the vulnerable parameters `lang`, `theme`, and `module` in the dialog.php file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Seagull version 0.6.3 **Description** The issue allows remote attackers to read arbitrary files due to a directory traversal vulnerability in the optimizer.php file. This is achieved by using a .. (dot dot) in the `files` parameter. **Recommendations** For Seagull version 0.6.3, consider restricting access to the optimizer.php file or the `files` parameter to minimize the risk of exploitation until a patch is available.