Gamoscu

**Name of the Vulnerable Software and Affected Versions** Joomla! component com ezautos (affected versions not specified) **Description** A SQL injection issue allows remote attackers to execute arbitrary SQL commands. The issue is exploited via the `firstCode` parameter in a helpers action to "index.php". **Recommendations** For the affected version of the com ezautos component, avoid using the `firstCode` parameter in the helpers action to "index.php" until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Geeklog version 1.3.8 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `lid` parameter in the filemgmt/singlefile.php file. **Recommendations** For Geeklog version 1.3.8, avoid using the `lid` parameter in the filemgmt/singlefile.php file until the issue is resolved. Consider restricting access to the filemgmt/singlefile.php file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Bartels Schone ConPresso version 4.0.7 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `id` parameter in the firma.php file. **Recommendations** For version 4.0.7, consider restricting access to the firma.php file until a patch is available. As a temporary workaround, avoid using the `id` parameter in the affected file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** WSN Guest version 1.02 **Description** A SQL injection issue allows remote attackers to execute arbitrary SQL commands via the `orderlinks` parameter in the "index.php" file. **Recommendations** For WSN Guest version 1.02, consider restricting access to the `orderlinks` parameter in the "index.php" file until a patch is available. As a temporary workaround, avoid using the `orderlinks` parameter to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Pyrmont plugin 2 for WordPress (affected versions not specified) **Description** The issue allows remote attackers to execute arbitrary SQL commands via the `id` parameter in the results.php file. This can be exploited by sending malicious input to the vulnerable endpoint, potentially leading to unauthorized data access or modification. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** weenCompany version 4.0.0 **Description** A SQL injection issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `moduleid` parameter in the "index.php" endpoint. **Recommendations** For weenCompany version 4.0.0, avoid using the `moduleid` parameter in the "index.php" endpoint until the issue is resolved. Consider restricting access to this endpoint to minimize the risk of exploitation.