
Soulblack

Researcher from SoulBlack Security Research
#20453 of 53,624
12.5 Total CVSS
Vulnerabilities · 2
Medium: 1
High: 1
PT-2005-3094 · 5.0 · 2005-07-06
Myguestbook · Myguestbook · CVE-2005-2162
Name of the Vulnerable Software and Affected Versions: MyGuestbook version 0.6.1
Description: The issue allows remote attackers to execute arbitrary PHP code via the `lang` parameter in the form.inc.php3 file.
Recommendations: For MyGuestbook version 0.6.1, avoid using the `lang` parameter in the affected form.inc.php3 file until the issue is resolved. Restrict access to the form.inc.php3 file to minimize the risk of exploitation.
PT-2005-2292 · 7.5 · 2005-04-26
E Cart · E-Cart 2004 · CVE-2005-1289
Name of the Vulnerable Software and Affected Versions: E-Cart 2004 versions 1.1 and earlier
Description: The issue allows remote attackers to execute arbitrary commands via shell metacharacters in the `art` and possibly `cat` parameters in the "index.cgi" file.
Recommendations: For E-Cart 2004 versions 1.1 and earlier, consider restricting access to the "index.cgi" file until a patch is available. As a temporary workaround, avoid using the `art` and `cat` parameters in the affected API endpoint until the issue is resolved.