Mono · Mono Azboard · CVE-2006-2504
**Name of the Vulnerable Software and Affected Versions**
mono AZBOARD versions 1.0 and earlier
**Description**
The issue is SQL injection: remote attackers can execute arbitrary SQL commands through the `search` and `cate` parameters of the "list.asp" endpoint and the `id` and `cate` parameters of the "admin ok.asp" endpoint.
**Recommendations**
For mono AZBOARD versions 1.0 and earlier, consider restricting access to the "list.asp" and "admin ok.asp" endpoints until a fix is available. As a temporary workaround, avoid using the `search`, `cate`, and `id` parameters in these endpoints to minimize the risk of exploitation.
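
A log-triage check for the endpoints and parameters named above, added here as an example (it is not code from mono AZBOARD or from this advisory). It assumes request lines of the form `<client-ip> <method> <url>`, assumes `id` and `cate` are numeric in normal use, and takes the endpoint names as written on this page; the sample lines are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Endpoint -> parameters named in the advisory (file names as written on the page).
WATCHED = {
    "list.asp": ("search", "cate"),
    "admin ok.asp": ("id", "cate"),
}
# Assumption: id and cate carry numeric keys in normal use.
NUMERIC = {"id", "cate"}
# Quote, statement and comment tokens plus SQL keywords. A free-text search
# term can legitimately contain some of these, so treat hits as leads to review.
SQL_META = re.compile(
    r"['\";]|--|/\*|\b(union|select|insert|update|delete|drop|exec)\b", re.I)

def suspicious_params(url):
    """Return the sorted watched parameter names whose value looks unsafe."""
    parts = urlsplit(url)
    page = unquote(parts.path).rsplit("/", 1)[-1].lower()
    hits = set()
    for name, values in parse_qs(parts.query, keep_blank_values=True).items():
        key = name.lower()
        if key not in WATCHED.get(page, ()):
            continue
        for value in values:  # parse_qs has already URL-decoded the value
            if key in NUMERIC and value and not value.isdigit():
                hits.add(key)
            elif key not in NUMERIC and SQL_META.search(value):
                hits.add(key)
    return sorted(hits)

def triage(log_lines):
    """Yield (client_ip, url, flagged_params) for each request worth review."""
    for line in log_lines:
        ip, _method, url = line.split()[:3]
        flagged = suspicious_params(url)
        if flagged:
            yield ip, url, flagged

# Constructed sample lines, not taken from a real log.
SAMPLE = [
    "192.0.2.10 GET /board/list.asp?cate=3&search=holiday",
    "192.0.2.77 GET /board/list.asp?cate=3&search=x%27%20OR%20%271%27%3D%271",
    "192.0.2.77 GET /board/admin%20ok.asp?id=5%3B--&cate=1",
    "192.0.2.10 GET /board/view.asp?id=abc",
]

if __name__ == "__main__":
    for ip, url, params in triage(SAMPLE):
        print(ip, url, "flagged:", ",".join(params))
```

Requests to pages other than the two listed endpoints are ignored by design, so the output stays scoped to this advisory.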