M.Hasran Addahroni

**Name of the Vulnerable Software and Affected Versions** BusinessSpace versions 1.2 and earlier **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `id` parameter to "index.php". **Recommendations** For BusinessSpace versions 1.2 and earlier, update to a version later than 1.2 to resolve the issue. As a temporary workaround, consider restricting access to the "classified.php" page and avoid using the `id` parameter in the "index.php" endpoint until a patch is available.

Name of the Vulnerable Software and Affected Versions: Relative Real Estate Systems versions 3.0 and earlier Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `listing id` parameter in a "listings" action. Recommendations: For versions 3.0 and earlier, update to a version later than 3.0 to resolve the issue. As a temporary workaround, consider restricting access to the `listing id` parameter in the affected API endpoint until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Pre ADS Portal versions 2.0 and earlier **Description** The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via the `cid` parameter to "showcategory.php" and the `id` parameter to "software-description.php" when `magic quotes gpc` is disabled. **Recommendations** For Pre ADS Portal versions 2.0 and earlier, consider disabling the execution of SQL commands via the `cid` and `id` parameters in "showcategory.php" and "software-description.php" respectively, until a patch is available. Additionally, enabling `magic quotes gpc` can help mitigate the risk of SQL injection attacks.

**Name of the Vulnerable Software and Affected Versions** Relative Real Estate Systems versions 3.0 and earlier **Description** The issue allows context-dependent attackers to obtain sensitive information because passwords are stored in cleartext in a MySQL database. **Recommendations** For versions 3.0 and earlier, update the password storage mechanism to use a secure hashing algorithm to protect user passwords.

**Name of the Vulnerable Software and Affected Versions** AnServ Auction XL (affected versions not specified) **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved by exploiting the `cat` parameter in the `viewfaqs.php` file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PostNuke pnEncyclopedia module versions 0.2.0 and earlier **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved by exploiting the `id` parameter in a `display term` action to the "index.php" endpoint. **Recommendations** For PostNuke pnEncyclopedia module versions 0.2.0 and earlier, consider restricting access to the `display term` action in the "index.php" endpoint to minimize the risk of exploitation. Avoid using the `id` parameter in this endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** BackLinkSpider (affected versions not specified) **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved by exploiting the `cat id` parameter in site-specific component names, such as "link.php" or "backlinkspider.php". **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Softbiz Web Host Directory Script (affected versions not specified) **Description** The issue allows remote attackers to execute arbitrary SQL commands via the `host id` parameter in the "search result.php" file when magic quotes gpc is disabled. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Prozilla Hosting Index (affected versions not specified) **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `cat id` parameter in a 'list' action when `magic quotes gpc` is disabled. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** RSGallery (com rsgallery) versions 2.0 beta 5 and earlier **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved by exploiting the `catid` parameter in an inline page action in the index.php file. **Recommendations** For versions 2.0 beta 5 and earlier, consider restricting access to the `catid` parameter in the inline page action until a patch is available. As a temporary workaround, avoid using the `catid` parameter in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** AlstraSoft E-Friends versions 4.98 and earlier **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `seid` parameter in a "viewevent" action. **Recommendations** For versions 4.98 and earlier, consider restricting access to the vulnerable `index.php` file until a patch is available. As a temporary workaround, avoid using the `seid` parameter in the "viewevent" action to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** ProfileCMS versions 1.0 and earlier **Description** The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via the `id` parameter in various actions across different modules, including (1) codes action in the profile-codes module, (2) videos action in the video-codes module, or (3) games action in the arcade-games module. **Recommendations** For ProfileCMS versions 1.0 and earlier, as a temporary workaround, consider restricting access to the `id` parameter in the mentioned modules until a patch is available. Avoid using the `id` parameter in the affected API endpoints, such as those related to the profile-codes, video-codes, and arcade-games modules, until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

PHP remote file inclusion vulnerability in order/login.php in IDevSpot PhpHostBot 1.06 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the svr rootscript parameter, a different vector than CVE-2007-4094 and CVE-2006-3776.

**Name of the Vulnerable Software and Affected Versions** wp-Table plugin for WordPress versions 1.43 and earlier **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `wpPATH` parameter when `register globals` is enabled. **Recommendations** For wp-Table plugin for WordPress versions 1.43 and earlier, consider disabling the `register globals` setting to prevent exploitation until a patch is available.

**Name of the Vulnerable Software and Affected Versions** wordTube plugin for WordPress versions 1.43 and earlier **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `wpPATH` parameter when `register globals` is enabled. **Recommendations** For wordTube plugin for WordPress versions 1.43 and earlier, consider disabling the `register globals` setting to prevent exploitation until a patch is available.

**Name of the Vulnerable Software and Affected Versions** wordTube plugin for WordPress versions 1.43 and earlier **Description** The issue allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the `wpPATH` parameter when `register globals` is enabled. **Recommendations** For wordTube plugin for WordPress versions 1.43 and earlier, consider disabling the `wpPATH` parameter or restricting its use until a patch is available. Additionally, disabling `register globals` can help mitigate the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** wp-Table plugin for WordPress versions 1.43 and earlier **Description** A directory traversal issue exists when register globals is enabled, allowing remote attackers to include and execute arbitrary local files via the `wpPATH` parameter in the js/wptable-button.php file. **Recommendations** For wp-Table plugin for WordPress versions 1.43 and earlier, consider disabling the register globals setting to mitigate the risk of exploitation. Additionally, restrict access to the js/wptable-button.php file to minimize the risk of arbitrary file inclusion. Avoid using the `wpPATH` parameter in the affected file until the issue is resolved.

Name of the Vulnerable Software and Affected Versions: Softerra Time-Assistant versions 6.2 and earlier Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the `inc dir` or `lib dir` parameters when `register globals` is enabled. Recommendations: For Softerra Time-Assistant versions 6.2 and earlier, consider disabling the `register globals` setting to prevent exploitation until a patch is available. Restrict access to the `lib/timesheet.class.php` file to minimize the risk of exploitation. Avoid using the `inc dir` and `lib dir` parameters in URLs until the issue is resolved.

Name of the Vulnerable Software and Affected Versions: C-Arbre versions 0.6PR7 and earlier Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the `root path` parameter to various PHP files, including (1) `Richtxt functions.inc.php`, (2) `adddocfile.php`, (3) `auth check.php`, (4) `browse current category.inc.php`, (5) `docfile details.php`, (6) `main.php`, (7) `mainarticle.php`, (8) `maindocfile.php`, (9) `modify.php`, (10) `new.php`, (11) `resource details.php`, or (12) `smallsearch.php` in `lib/`; or (13) `mwiki/LocalSettings.php`. Recommendations: For C-Arbre versions 0.6PR7 and earlier, consider disabling the `root path` parameter in the affected PHP files until a patch is available. Restrict access to the vulnerable PHP files in `lib/` and `mwiki/` to minimize the risk of exploitation. Avoid using the `root path` parameter in the affected API endpoints until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** bitesser MySQL Commander versions 2.7 and earlier **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `home` parameter when `register globals` is enabled. **Recommendations** For bitesser MySQL Commander versions 2.7 and earlier, consider disabling the `register globals` setting to prevent exploitation until a patch is available. Restrict access to the ressourcen/dbopen.php file to minimize the risk of arbitrary PHP code execution.