Sniper456

**Name of the Vulnerable Software and Affected Versions** Matti Kiviharju rekry (aka com rekry or rekry!Joom) version 1.0.0 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved by exploiting the `op id` parameter in a view action to "index.php". **Recommendations** For Matti Kiviharju rekry (aka com rekry or rekry!Joom) version 1.0.0, avoid using the `op id` parameter in the "index.php" endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Joomla! component com custompages versions 1.1 and earlier **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `cpage` parameter to "index.php". **Recommendations** For versions 1.1 and earlier, update to a version later than 1.1 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** MambAds (com mambads) versions 1.5 and earlier **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved by exploiting the `caid` parameter in the index.php file of the MambAds component for Mambo. **Recommendations** For versions 1.5 and earlier, consider restricting access to the vulnerable index.php file until a patch is available. As a temporary workaround, avoid using the `caid` parameter in the affected API endpoint until the issue is resolved.