Tw8

**Name of the Vulnerable Software and Affected Versions** Phoenix View CMS versions Pre Alpha2 and earlier **Description** The issue allows remote attackers to inject arbitrary web script or HTML. This can be achieved via the `ltarget` parameter to "admin/admin frame.php" and the `conf` parameter to several files in "admin/module/", including "gbuch.admin.php", "links.admin.php", "menue.admin.php", "news.admin.php", and "todo.admin.php". **Recommendations** For Phoenix View CMS versions Pre Alpha2 and earlier, consider disabling access to the vulnerable parameters `ltarget` and `conf` in the affected files until a patch is available. Restrict access to the admin/module/ directory to minimize the risk of exploitation. Avoid using the `ltarget` parameter in "admin/admin frame.php" and the `conf` parameter in the specified admin files until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Phoenix View CMS versions Pre Alpha2 and earlier **Description** The issue allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the `ltarget` parameter in the "admin/admin frame.php" file. **Recommendations** For Phoenix View CMS versions Pre Alpha2 and earlier, consider restricting access to the "admin/admin frame.php" file and avoid using the `ltarget` parameter until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Phoenix View CMS versions Pre Alpha2 and earlier **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `del` parameter to several API endpoints, including "gbuch.admin.php", "links.admin.php", "menue.admin.php", "news.admin.php", and "todo.admin.php" in the "admin/module/" directory. **Recommendations** For Phoenix View CMS versions Pre Alpha2 and earlier, consider restricting access to the vulnerable API endpoints until a fix is available. As a temporary workaround, avoid using the `del` parameter in the affected endpoints.