Sl4Xuz

Name of the Vulnerable Software and Affected Versions: AvailScript Article Script (affected versions not specified) Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `aIDS` parameter in the "articles.php" file. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Availscript Photo Album (affected versions not specified) Description: The issue allows remote attackers to execute arbitrary SQL commands via the `sid` parameter in the "pics.php" file. This can lead to unauthorized access and manipulation of database content. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Availscript Photo Album (affected versions not specified) Description: The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. Specifically, the vulnerabilities are found in the `sid` parameter to "pics.php" and the `a` parameter to "view.php". Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Mr. CGI Guy Hot Links SQL-PHP versions 3.0 and earlier Description: A cross-site scripting issue exists, allowing remote attackers to inject arbitrary web script or HTML. This is achieved via the `id` parameter in the "report.php" file. Recommendations: For versions 3.0 and earlier, consider restricting access to the report.php file until a fix is available. As a temporary workaround, avoid using the `id` parameter in the report.php file to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: AvailScript Article Script (affected versions not specified) Description: A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via the `aIDS` parameter in the articles.php file. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Mr. CGI Guy Hot Links SQL-PHP versions 3.0 and earlier Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `id` parameter in the "report.php" file. Recommendations: For versions 3.0 and earlier, avoid using the `id` parameter in the report.php file until a fix is available. As a temporary workaround, consider restricting access to the report.php file to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Gonafish LinksCaffePRO version 4.5 Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `idd` parameter in a "deadlink" action in the index.php file. Recommendations: For Gonafish LinksCaffePRO version 4.5, consider restricting access to the index.php file or the "deadlink" action to minimize the risk of exploitation. As a temporary workaround, avoid using the `idd` parameter in the affected action until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.