Int_Main

**Name of the Vulnerable Software and Affected Versions** LM Starmail Paidmail version 2.0 **Description** A SQL injection issue allows remote attackers to execute arbitrary SQL commands. This is achieved by manipulating the `ID` parameter in the paidbanner.php file. **Recommendations** For LM Starmail Paidmail version 2.0, consider restricting access to the paidbanner.php file until a patch is available, and avoid using the `ID` parameter in this context to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** LM Starmail Paidmail version 2.0 **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `page` parameter in the home.php file. **Recommendations** For LM Starmail Paidmail version 2.0, consider restricting access to the home.php file or validating and sanitizing the `page` parameter to prevent remote file inclusion attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PHP Paid 4 Mail Script (affected versions not specified) **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `page` parameter in the home.php file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.