R4Dc0Re

**Name of the Vulnerable Software and Affected Versions** Ad Manager Pro version 3.0 **Description** A SQL injection issue allows remote attackers to execute arbitrary SQL commands. This is achieved by exploiting the `pageId` parameter in the website-page.php file. **Recommendations** For Ad Manager Pro version 3.0, avoid using the `pageId` parameter in the vulnerable website-page.php file until a patch is available. As a temporary workaround, consider restricting access to the website-page.php file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Techno Dreams (T-Dreams) Job Career Package version 3.0 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `z Residency` parameter in the Resumes/TD RESUME Indlist.asp file. **Recommendations** For version 3.0, avoid using the `z Residency` parameter in the Resumes/TD RESUME Indlist.asp file until the issue is resolved. As a temporary workaround, consider restricting access to the Resumes/TD RESUME Indlist.asp file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Ecommercemax Solutions Digital-goods seller (DGS) version 1.5 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `d` parameter in the shoppingcart.asp file. **Recommendations** For version 1.5, avoid using the `d` parameter in the shoppingcart.asp file until a fix is available. Consider restricting access to the shoppingcart.asp file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** GateSoft DocuSafe versions 4.1.0 through 4.1.2 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `ECO ID` parameter in the "ECO.asp" file. **Recommendations** For GateSoft DocuSafe versions 4.1.0 through 4.1.2, consider restricting access to the ECO.asp file until a patch is available. As a temporary workaround, avoid using the `ECO ID` parameter in the affected file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** HotWebScripts HotWeb Rentals (affected versions not specified) **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved by exploiting the `PropResort` parameter in the `resorts.asp` file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Rae Media INC Real Estate Single and Multi Agent System version 3.0 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `probe` parameter to two specific API endpoints: "multi/city.asp" in the Multi Agent System and "resulttype.asp" in the Single Agent System. **Recommendations** For Rae Media INC Real Estate Single and Multi Agent System version 3.0, consider restricting access to the "multi/city.asp" and "resulttype.asp" endpoints to minimize the risk of exploitation. Avoid using the `probe` parameter in these endpoints until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.