Phuket

**Name of the Vulnerable Software and Affected Versions** PHPKit version 1.6.1 **Description** The issue allows remote authenticated administrators to execute arbitrary PHP code by uploading a .php file to the content/images/ directory using the "images.php" endpoint. This can be done by exploiting an unrestricted file upload vulnerability in the "admin/admin.php" file. **Recommendations** For PHPKit version 1.6.1, restrict access to the "images.php" endpoint to prevent uploading of malicious files, and consider implementing validation on uploaded files to prevent execution of arbitrary PHP code. As a temporary workaround, consider disabling the file upload functionality in the admin panel until a patch is available.

**Name of the Vulnerable Software and Affected Versions** PHPKit version 1.6.1 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via the `letter` parameter to the "login/member.php" API endpoint or the `im receiver` parameter to the "login/imcenter.php" API endpoint. **Recommendations** For PHPKit version 1.6.1, consider restricting access to the "login/member.php" and "login/imcenter.php" API endpoints to minimize the risk of exploitation. Avoid using the `letter` and `im receiver` parameters in these endpoints until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** MyBB version 1.00 RC4 with Security Patch **Description** The issue allows remote attackers to execute arbitrary SQL commands, potentially leading to data manipulation or extraction. This can be achieved via several API endpoints, including "index.php", "member.php", "search.php", and "polls.php", by exploiting the `Username` field, `action` parameter, or `polloptions` parameter. **Recommendations** For MyBB version 1.00 RC4 with Security Patch, consider disabling the `Username` field in "index.php" and "member.php", restricting access to the `action` parameter in "search.php" and "member.php", and limiting the use of the `polloptions` parameter in "polls.php" until a patch is available.