Athos

Name of the Vulnerable Software and Affected Versions: MauryCMS versions 0.53.2 and earlier Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `c` parameter in the Rss.php file. Recommendations: For MauryCMS versions 0.53.2 and earlier, update to a version later than 0.53.2 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** e-Vision CMS versions 2.0.2 and earlier **Description** The issue allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in specific parameters. This can be achieved by manipulating the `adminlang` cookie to `admin/ind ex.php` or the `module` parameter to various PHP files in the `adminpart` directory of different modules, such as `add3rdparty.php`, `addpolling.php`, `addcontact.php`, `addbrandnews.php`, `addnewsletter.php`, `addgame.php`, `addtour.php`, `addarticles.php`, `addproduct.php`, or `addplain.php`. The vulnerability is particularly exploitable when `magic quotes gpc` is disabled. **Recommendations** For e-Vision CMS versions 2.0.2 and earlier, consider disabling the execution of arbitrary local files until a patch is available. Restrict access to the vulnerable PHP files in the `adminpart` directory of different modules to minimize the risk of exploitation. Avoid using the `module` parameter in the affected API endpoints until the issue is resolved. As a temporary workaround, enable `magic quotes gpc` to prevent the exploitation of the directory traversal vulnerability.

Name of the Vulnerable Software and Affected Versions: phpBB Tag Board module versions 4.0 and earlier Description: The issue allows remote attackers to execute arbitrary SQL commands via the `id` parameter in a "delete" action. This is a SQL injection vulnerability in the tag board.php file of the Tag Board module. Recommendations: For versions 4.0 and earlier, avoid using the `id` parameter in the delete action until the issue is resolved. As a temporary workaround, consider restricting access to the tag board.php file to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Openasp versions 3.0 and earlier Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `idpage` parameter in the pages module. Recommendations: For Openasp versions 3.0 and earlier, update to a version later than 3.0 to resolve the issue. As a temporary workaround, consider restricting access to the `idpage` parameter in the pages module to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** PunBB PunPortal module versions prior to 2.0 **Description** The issue allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the `pun user[language]` parameter in the login.php file. **Recommendations** For PunBB PunPortal module versions prior to 2.0, update to version 2.0 or later to resolve the issue.