Pr0Metheus

**Name of the Vulnerable Software and Affected Versions** ClipShare version 2.6 **Description** The issue allows remote attackers to change the profile of arbitrary users by modifying the `uid` variable in the "siteadmin/useredit.php" endpoint. This can be exploited to recover a user's password by using a modified e-mail address in the `email` parameter to "recoverpass.php". **Recommendations** For ClipShare version 2.6, consider restricting access to the "siteadmin/useredit.php" and "recoverpass.php" endpoints until a proper fix is available. As a temporary workaround, restrict the use of the `uid` variable and the `email` parameter in these endpoints to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** PhotoKorn (affected versions not specified) **Description** The issue allows remote attackers to obtain database credentials by making a direct request to the "update/update3.php" endpoint, which includes the credentials in its output. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** CustomCMS (CCMS) version 3.1 Demo **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `p` parameter in the "Console page" API endpoint, specifically in the admin.php and vars.php files. **Recommendations** For CustomCMS (CCMS) version 3.1 Demo, consider restricting access to the `p` parameter in the Console page until a patch is available. As a temporary workaround, avoid using the `p` parameter in the affected API endpoint.