S4Avrd0W

Name of the Vulnerable Software and Affected Versions: AIST NetCat versions 3.0 through 3.12 Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `PollID` parameter in the modules/poll/index.php file. Recommendations: For AIST NetCat versions 3.0 through 3.12, avoid using the `PollID` parameter in the affected module until the issue is resolved.

Name of the Vulnerable Software and Affected Versions: eZ Publish versions 3.5.6 and earlier eZ Publish versions prior to 3.9.5 eZ Publish versions prior to 3.10.1 eZ Publish versions prior to 4.0.1 Description: The issue allows remote attackers to gain privileges as other users via modified parameters in the registration view. The affected API endpoint is "/user/register". The vulnerable parameters include `ContentObjectAttribute data user login 30` and `ContentObjectAttribute data user password 30`. Recommendations: For versions 3.5.6 and earlier, update to a version later than 3.5.6. For versions prior to 3.9.5, update to version 3.9.5 or later. For versions prior to 3.10.1, update to version 3.10.1 or later. For versions prior to 4.0.1, update to version 4.0.1 or later.

**Name of the Vulnerable Software and Affected Versions** Phpclanwebsite versions 1.23.3 Fix Pack 5 and earlier **Description** The issue allows remote attackers to execute arbitrary SQL commands due to multiple SQL injection vulnerabilities. This can be achieved via various parameters, including the `page` parameter to "index.php", `form id` parameter to "pcw/processforms.php", `pcwlogin` and `pcw pass` parameters to "pcw/setlogin.php", `searchvalue` parameter to "pcw/downloads.php", and the `searchvalue` and `whichfield` parameters to "pcw/downloads.php". These vulnerabilities are exploitable when `magic quotes gpc` is disabled. **Recommendations** For Phpclanwebsite versions 1.23.3 Fix Pack 5 and earlier, consider disabling the affected parameters, such as `page`, `form id`, `pcwlogin`, `pcw pass`, `searchvalue`, and `whichfield`, until a patch is available. Additionally, enabling `magic quotes gpc` may help mitigate the risk of exploitation. However, the most effective solution would be to update to a version where these vulnerabilities are fixed, once such a version is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Phpclanwebsite versions 1.23.3 Fix Pack 5 and earlier **Description** The issue allows remote attackers to include and execute arbitrary files via directory traversal vulnerabilities. This is possible when `magic quotes gpc` is disabled and `register globals` is enabled. The vulnerabilities can be exploited through the `boxname` parameter to "theme/superchrome/box.php" and the `theme` parameter to "phpclanwebsite/footer.php". **Recommendations** For Phpclanwebsite versions 1.23.3 Fix Pack 5 and earlier, consider disabling the `register globals` setting and enabling `magic quotes gpc` to mitigate the risk of exploitation. Additionally, restrict access to the `box.php` and `footer.php` files until a patch is available. Avoid using the `boxname` and `theme` parameters in the affected API endpoints until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Phpclanwebsite (aka PCW) versions 1.23.3 Fix Pack 5 and earlier **Description** The issue is related to a cross-site scripting (XSS) vulnerability. This allows remote attackers to inject arbitrary web script or HTML via the `page` parameter and other unspecified vectors. **Recommendations** For versions 1.23.3 Fix Pack 5 and earlier, update to a version later than 1.23.3 Fix Pack 5 to resolve the issue. As a temporary workaround, consider restricting access to the `index.php` file until a patch is available. Avoid using the `page` parameter in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** AIST NetCat versions 3.12 and earlier **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is possible when the `magic quotes gpc` setting is disabled. The vulnerability can be exploited via the query string. **Recommendations** For AIST NetCat versions 3.12 and earlier, consider disabling the password recovery module in modules/auth/password recovery.php until a patch is available. Restrict access to the password recovery functionality to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** AIST NetCat versions 3.12 and earlier **Description** The issue allows remote attackers to inject arbitrary web script or HTML. This can be achieved via the `form` and `control` parameters to "FCKeditor/neditor.php", and the `path` parameter to "admin/siteinfo/iframe.inc.php". **Recommendations** For AIST NetCat versions 3.12 and earlier, consider disabling access to the "FCKeditor/neditor.php" and "admin/siteinfo/iframe.inc.php" endpoints until a fix is available. Restrict the use of the `form`, `control`, and `path` parameters in these endpoints to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** AIST NetCat versions 3.12 and earlier **Description** The issue allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the `system` parameter in "modules/netshop/post.php" and the `INCLUDE FOLDER` parameter in various files, including "auth.inc.php", "banner.inc.php", "blog.inc.php", and "forum.inc.php" in "modules/". This can occur when `magic quotes gpc` is disabled and `register globals` is enabled. **Recommendations** For AIST NetCat versions 3.12 and earlier, consider disabling the `register globals` setting and enabling `magic quotes gpc` to mitigate the risk of exploitation. Additionally, restrict access to the vulnerable parameters, such as `system` and `INCLUDE FOLDER`, in the affected files until a patch is available. As a temporary workaround, consider removing or restricting the .. (dot dot) sequence in user-input data for the `system` parameter in "modules/netshop/post.php" and the `INCLUDE FOLDER` parameter in the mentioned files.

**Name of the Vulnerable Software and Affected Versions** AIST NetCat versions 3.12 and earlier **Description** The issue involves multiple CRLF injection vulnerabilities. These vulnerabilities allow remote attackers to have an unknown impact via unspecified vectors, including (1) a `%0a` sequence in a `cookie` and (2) the "add.php" file. **Recommendations** For AIST NetCat versions 3.12 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** AIST NetCat versions 3.12 and earlier **Description** The issue allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks. This can be achieved via the `redirect` parameter in a logoff action to "modules/auth/index.php" or the `url` parameter to "modules/linkmanager/redirect.php". **Recommendations** For AIST NetCat versions 3.12 and earlier, consider disabling the logoff action to "modules/auth/index.php" and restricting access to the "modules/linkmanager/redirect.php" endpoint until a patch is available. Avoid using the `redirect` and `url` parameters in the affected API endpoints until the issue is resolved.