Nukedx

**Name of the Vulnerable Software and Affected Versions** VistaBB versions 2.0.33 and earlier **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `phpbb root path` parameter in includes/functions mod user.php or includes/functions portal.php. **Recommendations** For VistaBB versions 2.0.33 and earlier, consider restricting access to the `phpbb root path` parameter in the affected files until a patch is available. As a temporary workaround, avoid using the `phpbb root path` parameter in the includes/functions mod user.php and includes/functions portal.php files to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** IntegraMOD Portal versions 2.x and earlier **Description** The issue allows remote attackers to read arbitrary files via an absolute pathname in the `phpbb root path` parameter when `magic quotes gpc` is disabled. **Recommendations** For IntegraMOD Portal versions 2.x and earlier, consider disabling the `phpbb root path` parameter or enabling `magic quotes gpc` to prevent exploitation until a patch is available.

**Name of the Vulnerable Software and Affected Versions** IntegraMOD Portal versions 2.x and earlier **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `phpbb root path` parameter in the includes/functions portal.php file. **Recommendations** For IntegraMOD Portal versions 2.x and earlier, update to a version that fixes this issue, ensuring that the `phpbb root path` parameter is properly validated to prevent remote file inclusion attacks.

**Name of the Vulnerable Software and Affected Versions** MyBloggie versions 2.1.1 and earlier **Description** A remote file inclusion issue allows remote attackers to execute arbitrary PHP code via a URL in the `mybloggie root path` parameter to admin.php. The issue's validity has been disputed, with some follow-ups suggesting it may be related to another module, as the MyBloggie source code does not demonstrate the issue. Additionally, it has been noted that scode.php is not part of the MyBloggie distribution. **Recommendations** For MyBloggie versions 2.1.1 and earlier, consider restricting access to the `admin.php` endpoint to minimize the risk of exploitation. Avoid using the `mybloggie root path` parameter in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: EzASPSite versions 2.0 RC3 and earlier Description: The issue allows remote attackers to execute arbitrary SQL commands and obtain the SHA1 hash of the admin password via the `Scheme` parameter in Default.asp. Recommendations: For EzASPSite versions 2.0 RC3 and earlier, consider restricting access to the Default.asp page until a fix is available. As a temporary workaround, avoid using the `Scheme` parameter in the affected page to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** ASPPortal versions 3.1.1 and earlier **Description** The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via several parameters in different ASP files, including the `downloadid` parameter in "download click.asp", the `content ID` parameter in "news/News Item.asp". Authenticated administrators can also conduct attacks through various parameters, such as the `user id` parameter to "users/add edit user.asp", the `bannerid` parameter to "banner adds/banner add edit.asp", the `cat id` parameter to "categories/add edit cat.asp", the `Content ID` parameter to "News/add edit news.asp", the `download id` parameter to "downloads/add edit download.asp", the `Poll ID` parameter to "poll/add edit poll.asp", the `contactid` parameter to "contactus/contactus add edit.asp", and the `sortby` parameter to "poll/poll list.asp". Additionally, unspecified inputs to "downloads/add edit download.asp" are also vulnerable. **Recommendations** For ASPPortal versions 3.1.1 and earlier, consider disabling the SQL execution functionality in the affected ASP files until a patch is available. Restrict access to the vulnerable parameters, such as `downloadid`, `content ID`, `user id`, `bannerid`, `cat id`, `Content ID`, `download id`, `Poll ID`, `contactid`, and `sortby`, to minimize the risk of exploitation. Avoid using unspecified inputs to "downloads/add edit download.asp" until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cilem Hiber version 1.1 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `haber id` parameter in the "yazdir.asp" file. **Recommendations** For Cilem Hiber version 1.1, avoid using the `haber id` parameter in the vulnerable API endpoint until the issue is resolved. Consider restricting access to the "yazdir.asp" file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Mini-Nuke CMS System versions 1.8.2 and earlier **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `hid` parameter in the "news.asp" file. **Recommendations** For Mini-Nuke CMS System versions 1.8.2 and earlier, avoid using the `hid` parameter in the news.asp file until a fix is available. Consider restricting access to the news.asp file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.