Jgj212

**Name of the Vulnerable Software and Affected Versions** novaksolutions/infusionsoft-php-sdk version v2016-10-31 novaksolutions/infusionsoft-php-sdk versions before v1.0 **Description** The issue is related to a reflected XSS in the leadscoring.php file, which can result in code execution. The `ContactId` parameter in the `leadscoring.php` file is vulnerable to this issue. **Recommendations** For novaksolutions/infusionsoft-php-sdk version v2016-10-31, update to a version later than v2016-10-31. For novaksolutions/infusionsoft-php-sdk versions before v1.0, update to version v1.0 or later. As a temporary workaround, consider restricting access to the `leadscoring.php` file or avoiding the use of the `ContactId` parameter until a patch is available.

**Name of the Vulnerable Software and Affected Versions** payfort-php-SDK versions through 2018-04-26 **Description** The issue concerns a security problem where an attacker can execute malicious scripts. This is achieved by exploiting the `fort id` parameter in the success.php file, allowing for malicious code execution. **Recommendations** For versions through 2018-04-26, avoid using the `fort id` parameter in the success.php file until a fix is available. Consider validating and sanitizing user input to prevent malicious code execution.

**Name of the Vulnerable Software and Affected Versions** ImageMagick version 7.0.7-28 **Description** The issue is related to a memory leak in the WritePCXImage function, located in the coders/pcx.c file. **Recommendations** For ImageMagick version 7.0.7-28, consider updating to a newer version that contains a fix for this memory leak issue.

**Name of the Vulnerable Software and Affected Versions** ImageMagick version 7.0.7-28 **Description** The issue is related to a memory leak in the ReadBGRImage function located in coders/bgr.c. **Recommendations** For ImageMagick version 7.0.7-28, consider updating to a newer version that contains a fix for this memory leak issue.

**Name of the Vulnerable Software and Affected Versions** ImageMagick version 7.0.7-28 **Description** The issue is related to a memory leak in the WritePDBImage function located in coders/pdb.c. **Recommendations** For ImageMagick version 7.0.7-28, consider updating to a newer version that contains a fix for this memory leak issue.

**Name of the Vulnerable Software and Affected Versions** ImageMagick version 7.0.7-28 **Description** The issue is related to a memory leak in the WriteSGIImage function located in coders/sgi.c. **Recommendations** For ImageMagick version 7.0.7-28, consider updating to a newer version that contains a fix for this memory leak issue.

**Name of the Vulnerable Software and Affected Versions** paypal/permissions-sdk-php (affected versions not specified) **Description** The issue concerns a reflected XSS in the `verification code` parameter of the samples/GetAccessToken.php file, potentially leading to code execution. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ImageMagick version 7.0.7-28 **Description** The issue is related to a memory leak in the ReadYCBCRImage function, located in coders/ycbcr.c. **Recommendations** For ImageMagick version 7.0.7-28, consider updating to a newer version that contains a fix for this memory leak issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ImageMagick version 7.0.7-28 **Description** The issue is related to a memory leak in the WriteTIFFImage function located in coders/tiff.c. **Recommendations** For ImageMagick version 7.0.7-28, consider updating to a newer version that contains a fix for this memory leak issue.

**Name of the Vulnerable Software and Affected Versions** ImageMagick version 7.0.7-2 **Description** The issue is related to a memory leak in the ReadOneJNGImage function located in coders/png.c. **Recommendations** For ImageMagick version 7.0.7-2, consider updating to a newer version that addresses the memory leak issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ImageMagick version 7.0.7-2 **Description** The issue is related to a memory leak in the ReadSGIImage function located in coders/sgi.c. **Recommendations** For ImageMagick version 7.0.7-2, consider updating to a newer version that addresses the memory leak issue in the ReadSGIImage function.

**Name of the Vulnerable Software and Affected Versions** ImageMagick version 7.0.6-6 **Description** The issue is related to a memory leak in the ReadMATImage function located in coders/mat.c. **Recommendations** For ImageMagick version 7.0.6-6, consider updating to a newer version that addresses the memory leak issue in the ReadMATImage function. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ImageMagick version 7.0.6-6 **Description** The issue is related to a memory exhaustion vulnerability in the ReadWPGImage function, located in coders/wpg.c, which can be triggered by a crafted wpg image file. **Recommendations** For ImageMagick version 7.0.6-6, consider updating to a newer version that contains a fix for this issue, as using a crafted wpg image file can cause memory exhaustion.

**Name of the Vulnerable Software and Affected Versions** ImageMagick version 7.0.6-6 **Description** The issue is related to a memory leak in the ReadXCFImage function, located in coders/xcf.c, which can be triggered by a crafted xcf image file. **Recommendations** For ImageMagick version 7.0.6-6, consider updating to a newer version that contains a fix for this memory leak issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ImageMagick version 7.0.6-2 **Description** The issue is related to a memory leak in the WriteMSLImage function located in coders/msl.c. **Recommendations** For ImageMagick version 7.0.6-2, consider updating to a newer version that addresses the memory leak issue in the WriteMSLImage function.

**Name of the Vulnerable Software and Affected Versions** ImageMagick version 7.0.6-5 **Description** The issue is related to a memory leak in the ReadWEBPImage function in coders/webp.c. This occurs because memory is not freed in certain error cases, such as VP8 errors. The vulnerability can be exploited by a remote attacker to cause a memory leak. **Recommendations** For ImageMagick version 7.0.6-5, consider disabling the ReadWEBPImage function in coders/webp.c as a temporary workaround until a patch is available. Restrict access to the `coders/webp.c` module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ImageMagick version 7.0.6-5 **Description** The issue is related to the `ReadWEBPImage` function in `coders/webp.c`, where memory allocation is excessive due to dependence on a length field in a header. This can lead to a buffer overflow, potentially allowing a remote attacker to cause a denial of service. **Recommendations** For ImageMagick version 7.0.6-5, consider disabling the `ReadWEBPImage` function in `coders/webp.c` as a temporary workaround to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ImageMagick version 7.0.7-0 Q16 **Description** The issue is related to a NULL pointer dereference in the `ReadEnhMetaFile` function, located in `coders/emf.c`. This could potentially allow a remote attacker to impact the confidentiality, integrity, and availability of protected information. **Recommendations** For ImageMagick version 7.0.7-0 Q16, consider disabling the `ReadEnhMetaFile` function in `coders/emf.c` as a temporary workaround until a patch is available. Restrict access to the `emf.c` module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ImageMagick version 7.0.7-0 Q16 **Description** The issue is related to a NULL pointer dereference in the PDFDelegateMessage component of the ImageMagick console graphic editor, located in coders/pdf.c. This could potentially allow a remote attacker to impact the confidentiality, integrity, and availability of protected information. **Recommendations** For ImageMagick version 7.0.7-0 Q16, consider disabling the PDFDelegateMessage component in coders/pdf.c as a temporary workaround until a patch is available. Restrict access to the `PDFDelegateMessage` function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ImageMagick versions 7.0.7-0 **Description** The issue is related to a NULL pointer dereference error in the TIFFIgnoreTags component of the ImageMagick console graphic editor, located in coders/tiff.c. This error can be exploited by a remote attacker to impact the confidentiality, integrity, and availability of protected information. **Recommendations** For ImageMagick version 7.0.7-0, consider disabling the TIFFIgnoreTags function in coders/tiff.c as a temporary workaround until a patch is available.