Skull-Hacker

**Name of the Vulnerable Software and Affected Versions** Plohni Shoutbox version 1.0 **Description** The issue allows remote attackers to inject arbitrary web script or HTML. This is achieved via the `input name` and `input text` parameters in index.php. **Recommendations** For Plohni Shoutbox version 1.0, consider validating and sanitizing user input for the `input name` and `input text` parameters to prevent arbitrary web script or HTML injection. As a temporary workaround, restrict access to index.php to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Image voting version 1.0 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved by exploiting the `show` parameter in the "index.php" file. **Recommendations** For version 1.0, consider restricting access to the `show` parameter in the "index.php" file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.