Yenh4Cker

**Name of the Vulnerable Software and Affected Versions** Small Pirate (SPirate) version 2.1 **Description** The issue allows remote attackers to inject arbitrary web script or HTML via an onmouseover action in an `img` BBCode tag within a `url` BBCode tag, which can lead to cross-site scripting (XSS). **Recommendations** For version 2.1, consider disabling the use of `img` and `url` BBCode tags until a patch is available to prevent exploitation.

**Name of the Vulnerable Software and Affected Versions** Small Pirate (SPirate) version 2.1 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via the `id` parameter to various endpoints, including the default URI in an rss .xml action, `pag1.php`, `pag1-guest.php`, `rss-comment post.php`, and `rss-pic-comment.php`. **Recommendations** For Small Pirate (SPirate) version 2.1, consider restricting access to the `id` parameter in the affected endpoints until a patch is available. As a temporary workaround, avoid using the `id` parameter in the default URI in an rss .xml action, `pag1.php`, `pag1-guest.php`, `rss-comment post.php`, and `rss-pic-comment.php` to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** PHP Address Book versions 4.0.x **Description** The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via the `id` parameter to "delete.php" or the `alphabet` parameter to "index.php". **Recommendations** For PHP Address Book versions 4.0.x, consider restricting access to the "delete.php" and "index.php" scripts until a patch is available. As a temporary workaround, avoid using the `id` parameter in "delete.php" and the `alphabet` parameter in "index.php" to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Online Grades & Attendance versions 3.2.6 and earlier **Description** The issue allows remote attackers to execute arbitrary SQL commands via the `key` parameter in a 'resetpass' action to "index.php". Additionally, remote authenticated users can execute arbitrary SQL commands via the `ADD` parameter in a 'mailto' action to "parents/parents.php". **Recommendations** For versions 3.2.6 and earlier, update to a version that contains a fix for this issue. As a temporary workaround, consider restricting access to the `key` parameter in the 'resetpass' action to "index.php" and the `ADD` parameter in the 'mailto' action to "parents/parents.php" to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** MiniTwitter version 0.2 beta **Description** The issue allows remote authenticated users to execute arbitrary SQL commands due to multiple SQL injection vulnerabilities. This occurs when the `magic quotes gpc` setting is disabled, and the `user` parameter is exploited in the `/index.php` and `/rss.php` API endpoints. **Recommendations** For MiniTwitter version 0.2 beta, consider disabling the `user` parameter in the `/index.php` and `/rss.php` API endpoints until a patch is available. Additionally, enabling the `magic quotes gpc` setting can help mitigate the risk of SQL injection attacks.

**Name of the Vulnerable Software and Affected Versions** MiniTwitter version 0.2 beta **Description** The issue allows remote authenticated users to modify certain options of arbitrary accounts. This is achieved through the `index.php` file via an `opt` action. **Recommendations** For MiniTwitter version 0.2 beta, consider restricting access to the `index.php` file or disabling the `opt` action to prevent unauthorized modifications until a fix is available.

**Name of the Vulnerable Software and Affected Versions** MIM:InfiniX versions 1.2.003 and earlier **Description** The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via the `month` and `year` parameters in a calendar action, or a `search term` in the search form. **Recommendations** For MIM:InfiniX versions 1.2.003 and earlier, consider restricting access to the calendar action and search form until a patch is available. As a temporary workaround, avoid using the `month` and `year` parameters in the calendar action, and restrict the use of the search form to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Kjtechforce mailman version beta1 **Description** The issue concerns SQL injection vulnerabilities. These occur when an application uses user input to construct SQL queries without proper validation, allowing attackers to inject malicious SQL code. In this case, the vulnerabilities are present in the Kjtechforce mailman beta1 version, specifically when the magic quotes gpc setting is disabled. This setting is used to automatically escape any special characters in user input, which can help prevent SQL injection attacks. With magic quotes gpc disabled, remote attackers can execute arbitrary SQL commands. This can be achieved through two specific API endpoints: "activate.php" by manipulating the `code` parameter, and "index.php" by manipulating the `dest` parameter. **Recommendations** For Kjtechforce mailman version beta1, consider disabling the `activate.php` and `index.php` scripts until a patch is available, or ensure that the magic quotes gpc setting is enabled to mitigate the risk of SQL injection attacks. Additionally, restrict access to these scripts to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** FretsWeb version 1.2 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via the `name` parameter to "player.php" and the `hash` parameter to "song.php". **Recommendations** For FretsWeb version 1.2, avoid using the `name` parameter in the "player.php" and the `hash` parameter in the "song.php" until a fix is available. As a temporary workaround, consider restricting access to these parameters to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** FretsWeb version 1.2 **Description** The issue allows remote attackers to read arbitrary files due to multiple directory traversal vulnerabilities. This is achieved through directory traversal sequences in the `language` parameter to "charts.php" and the `fretsweb language` cookie parameter to unspecified vectors, possibly related to "admin/common.php". **Recommendations** For FretsWeb version 1.2, consider restricting access to the "charts.php" and "admin/common.php" files until a patch is available. As a temporary workaround, avoid using the `language` parameter in the "charts.php" endpoint and the `fretsweb language` cookie parameter in affected requests.

**Name of the Vulnerable Software and Affected Versions** Online Grades & Attendance versions 3.2.5 and earlier **Description** The issue allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the `GLOBALS[SKIN]` parameter to "index.php" and the `skin` parameter to "admin/admin.php" when register globals is enabled. **Recommendations** For versions 3.2.5 and earlier, consider disabling the register globals setting to prevent exploitation. As a temporary workaround, restrict access to the "index.php" and "admin/admin.php" files until a fix is available. Avoid using the `GLOBALS[SKIN]` and `skin` parameters in the affected API endpoints until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Open Biller version 0.1 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `username` parameter in the "index.php" file. **Recommendations** For Open Biller version 0.1, avoid using the `username` parameter in the affected index.php file until the issue is resolved. Consider restricting access to the index.php file to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Haudenschilt Family Connections CMS (FCMS) versions 1.9 and earlier Description: The issue allows remote authenticated users to execute arbitrary SQL commands. This can be achieved via several parameters, including the `thread` parameter to "messageboard.php", the `member` parameter to "profile.php", the `pid` parameter to "gallery/index.php", and the `fcms login id` cookie parameter. Recommendations: For Haudenschilt Family Connections CMS (FCMS) versions 1.9 and earlier, consider restricting access to the affected API endpoints, such as "messageboard.php", "profile.php", and "gallery/index.php", until a patch is available. As a temporary workaround, avoid using the `thread`, `member`, and `pid` parameters in their respective endpoints, and restrict the use of the `fcms login id` cookie parameter.

Name of the Vulnerable Software and Affected Versions: RTWebalbum version 1.0.462 Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `AlbumId` parameter in the "index.php" file. Recommendations: For RTWebalbum version 1.0.462, avoid using the `AlbumId` parameter in the affected index.php file until the issue is resolved. Consider restricting access to the index.php file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: myGesuad version 0.9.14 Description: The issue allows remote attackers to inject arbitrary web script or HTML, potentially leading to cross-site scripting (XSS) attacks. This can be achieved through various parameters in different modules, including the `Page` parameter in a List action to "modules/ereignis.php", the `Kontext` parameter in a Search action to "modules/kategorie.php", the `image` parameter to "modules/image.php", or the `ID` parameter in a Detail action to "modules/sitzung.php". Recommendations: For myGesuad version 0.9.14, consider disabling the affected modules (ereignis.php, kategorie.php, image.php, sitzung.php) until a patch is available. Restrict access to these modules to minimize the risk of exploitation. Avoid using the parameters `Page`, `Kontext`, `image`, and `ID` in the respective API endpoints until the issue is resolved.

Name of the Vulnerable Software and Affected Versions: myColex version 1.4.2 Description: The issue allows remote attackers to inject arbitrary web script or HTML, potentially leading to cross-site scripting (XSS) attacks. This can be achieved through various parameters in different modules, including the `year` parameter to "modules/kalender.php", the `Page` parameter in a List action to "modules/ereignis.php", the `Kontext` parameter in a Search action to "modules/kategorie.php", or the `image` parameter to "modules/image.php". Recommendations: For myColex version 1.4.2, consider disabling the vulnerable parameters `year`, `Page`, `Kontext`, and `image` in their respective modules until a patch is available. Restrict access to the modules "modules/kalender.php", "modules/ereignis.php", "modules/kategorie.php", and "modules/image.php" to minimize the risk of exploitation. Avoid using these parameters in the affected API endpoints until the issue is resolved.

Name of the Vulnerable Software and Affected Versions: myColex version 1.4.2 Description: The issue allows remote attackers to execute arbitrary SQL commands, potentially leading to unauthorized data access or modification. This can be achieved via the `formUser` parameter (also known as the Name field) in the `/common/login.php` endpoint. Additionally, remote authenticated users can exploit the vulnerability through the `ID` parameter in a Detail action to various PHP files, including `kategorie.php`, `medium.php`, `person.php`, or `schlagwort.php` in the `modules/` directory. The vulnerability is related to the `classes/class.perform.php` file. Recommendations: For myColex version 1.4.2, consider restricting access to the `/common/login.php` endpoint and the `modules/` directory to minimize the risk of exploitation. As a temporary workaround, avoid using the `formUser` parameter and the `ID` parameter in the affected PHP files until a patch is available.

Name of the Vulnerable Software and Affected Versions: myGesuad version 0.9.14 Description: The issue allows remote attackers to execute arbitrary SQL commands via the `formUser` parameter in the `/common/login.php` API endpoint. Additionally, remote authenticated users can execute arbitrary SQL commands via the `ID` parameter in a Detail action to several API endpoints, including `/modules/kategorie.php`, `/modules/budget.php`, `/modules/zahlung.php`, and `/modules/adresse.php`. This is related to the `classes/class.perform.php` file. Recommendations: For myGesuad version 0.9.14, consider restricting access to the vulnerable API endpoints, such as `/common/login.php`, `/modules/kategorie.php`, `/modules/budget.php`, `/modules/zahlung.php`, and `/modules/adresse.php`, until a patch is available. As a temporary workaround, avoid using the `formUser` and `ID` parameters in the affected API endpoints to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: myColex version 1.4.2 Description: The issue allows remote authenticated users to list user accounts without requiring administrative authentication. This is possible via a Find action in the modules/admuser.php file. Recommendations: For myColex version 1.4.2, consider restricting access to the modules/admuser.php file until a patch is available, or implement proper administrative authentication to prevent unauthorized access.

Name of the Vulnerable Software and Affected Versions: myGesuad version 0.9.14 (aka 0.9) Description: The issue allows remote authenticated users to list user accounts without requiring administrative authentication. This is possible through a Find action in the modules/admuser.php file. Recommendations: For myGesuad version 0.9.14 (aka 0.9), consider restricting access to the modules/admuser.php file until a patch is available, or implement additional authentication checks to ensure that only authorized administrators can perform the Find action.