Kil13R

**Name of the Vulnerable Software and Affected Versions** MoniWiki versions prior to 1.1.2-20060702 **Description** The issue is related to a cross-site scripting (XSS) vulnerability. It allows remote attackers to inject arbitrary Javascript via the URL, which is then reflected back in an error message. **Recommendations** For versions prior to 1.1.2-20060702, update to version 1.1.2-20060702 or later to resolve the issue. As a temporary workaround, consider restricting access to the wiki.php file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Netsoft smartNet version 2.0 **Description** The issue is related to a cross-site scripting (XSS) vulnerability. It allows remote attackers to inject arbitrary web script or HTML via the `keyWord` parameter in the "search.jsp" file. **Recommendations** For Netsoft smartNet version 2.0, consider restricting access to the `search.jsp` file or validating and sanitizing the `keyWord` parameter to prevent injection of malicious scripts.

**Name of the Vulnerable Software and Affected Versions** Namo DeepSearch version 4.5 **Description** A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML. This is achieved via the `p` parameter in the mclient.cgi component. **Recommendations** For Namo DeepSearch version 4.5, avoid using the `p` parameter in the mclient.cgi component until a fix is available. As a temporary workaround, consider restricting access to the mclient.cgi component to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Syworks SafeNET (affected versions not specified) **Description** The issue allows local users to bypass restrictions on network resource consumption. This is achieved by editing the policy.dat file, which suggests a lack of proper access controls or file system permissions. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ESTsoft InternetDISK versions prior to 2006/04/20 **Description** The issue allows remote authenticated users to execute arbitrary code. This could potentially be achieved by uploading a file with multiple extensions into the WebLink directory. **Recommendations** For versions prior to 2006/04/20, update to a version released after 2006/04/20 to resolve the issue.