Joss

**Name of the Vulnerable Software and Affected Versions** Symphony CMS versions 2.0.7 through 2.1.1 **Description** The issue allows remote attackers to inject arbitrary web script or HTML. This can be achieved via the `fields[website]` parameter in the post comments feature or the `send-email[recipient]` parameter. **Recommendations** For Symphony CMS versions 2.0.7 through 2.1.1, consider disabling the post comments feature and restricting access to the about/ page until a fix is available. Avoid using the `fields[website]` and `send-email[recipient]` parameters in the affected features to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Multi-lingual E-Commerce System version 0.2 **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `include path` parameter to various PHP files, including (1) checkout2-CYM.php, (2) checkout2-EN.php, (3) checkout2-FR.php, (4) cat-FR.php, (5) cat-EN.php, (6) cat-CYM.php, (7) checkout1-CYM.php, (8) checkout1-EN.php, (9) checkout1-FR.php, (10) prod-CYM.php, (11) prod-EN.php, and (12) prod-FR.php in the inc/ directory. **Recommendations** As a temporary workaround, consider restricting access to the `include path` parameter in the affected PHP files until a patch is available. Avoid using the `include path` parameter in the affected API endpoints until the issue is resolved. Restrict access to the inc/ directory to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** AJ HYIP MERIDIAN (affected versions not specified) **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `id` parameter in the news.php file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** AJ HYIP PRIME (affected versions not specified) **Description** The issue is related to a SQL injection vulnerability in the welcome.php file. This vulnerability allows remote attackers to execute arbitrary SQL commands via the `id` parameter in the API endpoint. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Siestta version 2.0 **Description** A cross-site scripting (XSS) issue exists due to the ability of remote attackers to inject arbitrary web script or HTML via the `usuario` parameter in the carga foto al.php file when register globals is enabled. **Recommendations** For Siestta version 2.0, consider disabling the register globals setting to prevent exploitation, and restrict access to the carga foto al.php file until a patch is available. Avoid using the `usuario` parameter in the affected endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** PHPEcho CMS versions 2.0-rc3 **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via a forum post. This could potentially lead to unauthorized actions on the website. **Recommendations** For PHPEcho CMS version 2.0-rc3, update to a version that includes a fix for this issue, as using outdated software can pose significant security risks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PHPEcho CMS version 2.0-rc3 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `id` parameter in a thread action within the forum module of the index.php file. **Recommendations** For PHPEcho CMS version 2.0-rc3, consider restricting access to the forum module until a fix is available, and avoid using the `id` parameter in thread actions to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** LightOpenCMS version 0.1 **Description** The issue allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the `cwd` parameter. This could potentially lead to remote file inclusion attacks. **Recommendations** For LightOpenCMS version 0.1, restrict access to the `smarty.php` file in the `locms` directory to minimize the risk of exploitation. Avoid using the `cwd` parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Adam Patterson Studio Lounge Address Book version 2.5 Description: The issue allows remote attackers to execute arbitrary code by uploading a file with an executable extension to the `upload-file.php` endpoint, and then accessing it via a direct request to the file in `profiles/`. This is reachable from `index2.php`. Recommendations: For Adam Patterson Studio Lounge Address Book version 2.5, consider disabling the `upload-file.php` endpoint until a patch is available to prevent remote attackers from uploading malicious files. Restrict access to the `profiles/` directory to minimize the risk of exploitation. Avoid using executable file extensions in uploads to prevent arbitrary code execution.

**Name of the Vulnerable Software and Affected Versions** SMA-DB version 0.3.13 **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the ` page css` and ` page javascript` parameters in the theme/format.php file. **Recommendations** For SMA-DB version 0.3.13, consider restricting access to the theme/format.php file to minimize the risk of exploitation. Avoid using the ` page css` and ` page javascript` parameters in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: ComicShout version 2.8 Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `news id` parameter in the "news.php" file. Recommendations: For ComicShout version 2.8, consider restricting access to the `news id` parameter in the "news.php" file until a patch is available. As a temporary workaround, avoid using the `news id` parameter in the affected endpoint.

Name of the Vulnerable Software and Affected Versions: Maran PHP Shop (affected versions not specified) Description: The issue allows remote attackers to bypass authentication and gain administrative access. This is achieved by setting the `user` cookie to `demo` in the `admin.php` file. Recommendations: For Maran PHP Shop, consider restricting access to the `admin.php` file until a patch is available. As a temporary workaround, avoid using the `demo` value for the `user` cookie to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Cybershade CMS version 0.2b **Description** The issue concerns remote file inclusion vulnerabilities in the index.php file of Cybershade CMS. When register globals is enabled, remote attackers can execute arbitrary PHP code via a URL in the `THEME header` and `THEME footer` parameters. **Recommendations** For Cybershade CMS version 0.2b, consider disabling the register globals setting to prevent exploitation. As a temporary workaround, restrict access to the index.php file and avoid using the `THEME header` and `THEME footer` parameters until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** LightBlog version 9.8 **Description** The issue allows remote attackers to include and execute arbitrary local files. This can be achieved by exploiting directory traversal vulnerabilities when the `magic quotes gpc` setting is disabled. The vulnerabilities exist in the `username` parameter to `view member.php`, the `username post` parameter to `login.php`, and the `Lightblog username` cookie parameter to `check user.php`. Attackers can use a .. (dot dot) sequence in these parameters to traverse directories. **Recommendations** For LightBlog version 9.8, consider disabling the `view member.php`, `login.php`, and `check user.php` scripts until a patch is available, or restrict access to these scripts to minimize the risk of exploitation. Additionally, enable the `magic quotes gpc` setting to prevent directory traversal attacks via the `username`, `username post`, and `Lightblog username` parameters.

**Name of the Vulnerable Software and Affected Versions** ScriptsEz Easy Image Downloader (affected versions not specified) **Description** A directory traversal issue exists, allowing remote attackers to read arbitrary files. This is achieved by using a .. (dot dot) in the `id` parameter within a download action. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ScriptsEz Mini Hosting Panel (affected versions not specified) **Description** A directory traversal issue exists, allowing remote attackers to read arbitrary local files. This is achieved by including a .. (dot dot) in the `dir` parameter within a view action in the members.php file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** LokiCMS versions 0.3.4 and earlier **Description** The issue allows remote attackers to check for the existence of arbitrary files via a .. (dot dot) in the `page` parameter of the index.php file when magic quotes gpc is disabled. **Recommendations** For versions 0.3.4 and earlier, consider disabling the `page` parameter in the index.php file or enabling magic quotes gpc to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Werner Hilversum Clean CMS version 1.5 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `id` parameter in the full txt.php file. **Recommendations** For Werner Hilversum Clean CMS version 1.5, consider restricting access to the full txt.php file until a patch is available. As a temporary workaround, avoid using the `id` parameter in the affected file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** ASPPortal (affected versions not specified) **Description** A SQL injection issue exists, allowing remote attackers to execute arbitrary SQL commands. This is achieved by manipulating the `Topic Id` parameter in the content/forums/reply.asp file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** myWebland Bloggie Lite version 0.0.2 beta **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved by crafting a cookie that exploits the SQL injection vulnerability in the genscode.php file. **Recommendations** For myWebland Bloggie Lite version 0.0.2 beta, consider restricting access to the genscode.php file until a patch is available. As a temporary workaround, avoid using user-supplied input in SQL queries to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.