Bd0Rk

**Name of the Vulnerable Software and Affected Versions** CF Image Hosting Script versions 1.3.82 through 1.4.1 **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the `q` parameter in the inc/tesmodrewite.php file. **Recommendations** For CF Image Hosting Script versions 1.3.82 through 1.4.1, update to version 1.4.2 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Gaestebuch version 1.2 **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `script pfad` parameter in the guestbook/gbook.php file. **Recommendations** For Gaestebuch version 1.2, avoid using the `script pfad` parameter in the guestbook/gbook.php file until a fix is available. Consider restricting access to the guestbook/gbook.php file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Kontakt Formular version 1.1 **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `script pfad` parameter in the formmailer.php file. **Recommendations** For Kontakt Formular version 1.1, consider restricting access to the formmailer.php file or validating and sanitizing the `script pfad` parameter to prevent remote file inclusion attacks. As a temporary workaround, avoid using the `script pfad` parameter in the formmailer.php file until a patch is available.

**Name of the Vulnerable Software and Affected Versions** ea gBook versions 0.1 through 0.1.4 **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `inc ordner` parameter. This is a result of a PHP remote file inclusion vulnerability in the index inc.php file. **Recommendations** For ea gBook versions 0.1 through 0.1.4, consider restricting access to the `inc ordner` parameter to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Gästebuch version 1.6 **Description** The issue allows remote attackers to read arbitrary files due to a directory traversal vulnerability in the gastbuch.php file. This is achieved by using a .. (dot dot) in the `start` parameter. **Recommendations** For version 1.6, consider restricting access to the gastbuch.php file until a patch is available. As a temporary workaround, avoid using the `start` parameter with .. (dot dot) sequences to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Enhanced Simple PHP Gallery (ESPG) version 1.72 **Description** A directory traversal issue exists, allowing remote attackers to read arbitrary files by using a .. (dot dot) in the `file` parameter of the gallery/comment.php script. **Recommendations** For Enhanced Simple PHP Gallery (ESPG) version 1.72, consider restricting access to the gallery/comment.php script until a fix is available, or apply a workaround to sanitize the `file` parameter to prevent directory traversal attacks.

**Name of the Vulnerable Software and Affected Versions** mxBB mx blogs version 2.0.0 beta **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `mx root path` parameter in the includes/functions weblog.php file. **Recommendations** For mxBB mx blogs version 2.0.0 beta, consider restricting access to the `mx root path` parameter to minimize the risk of exploitation. As a temporary workaround, avoid using the `mx root path` parameter in the affected includes/functions weblog.php file until a patch is available.

**Name of the Vulnerable Software and Affected Versions** eXtreme Styles module (XS-Mod) versions 2.3.1 through 2.4.0 **Description** The issue allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the `phpEx` parameter of the admin/admin xs.php file. This is a directory traversal vulnerability. **Recommendations** For versions 2.3.1 and 2.4.0, consider restricting access to the admin/admin xs.php file until a fix is available. As a temporary workaround, avoid using the `phpEx` parameter in the affected file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Kontakt Formular version 1.4 **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `root path` parameter in the includes/function.php file. **Recommendations** For version 1.4, consider restricting access to the `includes/function.php` file or avoid using the `root path` parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** mxBB module mx glance version 2.3.3 **Description** The issue allows remote attackers to conduct remote file inclusion attacks and execute arbitrary PHP code via a URL in the `mx root path` parameter. This is due to a critical security check being placed within a comment because of a missing comment delimiter in the contrib/mx glance sdesc.php file. **Recommendations** For mxBB module mx glance version 2.3.3, consider restricting access to the `mx root path` parameter to minimize the risk of exploitation. Additionally, ensure proper comment delimiters are used in the contrib/mx glance sdesc.php file to prevent security checks from being ignored. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Gigs version 1.2.1 **Description** The issue allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the `language` parameter of the activateuser.php file. **Recommendations** For Gigs version 1.2.1, consider restricting access to the activateuser.php file or validating the `language` parameter to prevent directory traversal attacks until a patch is available.

Name of the Vulnerable Software and Affected Versions: phpBB SupaNav module version 1.0.0 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the `phpbb root path` parameter in the link main.php file of the SupaNav module for phpBB. Recommendations: For version 1.0.0, consider restricting access to the link main.php file or the `phpbb root path` parameter to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** mxBB FAQ & RULES module versions 2.0.0 and earlier **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `module root path` parameter in the faq.php file of the FAQ & RULES module for mxBB. **Recommendations** For mxBB FAQ & RULES module versions 2.0.0 and earlier, consider restricting access to the faq.php file until a patch is available, and avoid using the `module root path` parameter in the affected module to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** PHP-Generics version 1.0 beta **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the ` APP RELATIVE PATH` parameter to specific API endpoints: "include.php", "dbcommon/include.php", and "exception/include.php". **Recommendations** For PHP-Generics version 1.0 beta, consider restricting access to the ` APP RELATIVE PATH` parameter in the affected API endpoints until a patch is available. As a temporary workaround, avoid using the ` APP RELATIVE PATH` parameter in the "include.php", "dbcommon/include.php", and "exception/include.php" endpoints to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** mxBB Shotcast module versions 1.0 RC2 **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `mx root path` parameter in the getinfo1.php file of the Shotcast module for mxBB. **Recommendations** For mxBB Shotcast module version 1.0 RC2, consider restricting access to the getinfo1.php file until a patch is available, and avoid using the `mx root path` parameter in this file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** MX Smartor Full Album Pack (FAP) version 2.0 RC1 **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `phpbb root path` parameter in the admin/admin album otf.php file. This can be exploited by providing a malicious URL. **Recommendations** For MX Smartor Full Album Pack (FAP) version 2.0 RC1, consider restricting access to the `admin/admin album otf.php` file until a patch is available. Avoid using the `phpbb root path` parameter in the affected file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Cyboards PHP Lite version 1.21 **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `script path` parameter in the include/default header.php file. **Recommendations** For Cyboards PHP Lite version 1.21, consider restricting access to the `include/default header.php` file to minimize the risk of exploitation. Avoid using the `script path` parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** phpBB Mutant portal version 0.9.2 **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `phpbb root path` parameter in the mutant functions.php file. **Recommendations** For version 0.9.2, consider restricting access to the mutant functions.php file until a patch is available. Avoid using the `phpbb root path` parameter in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** eBoard version 1.0.7 **Description** A directory traversal issue exists, allowing remote attackers to include and execute arbitrary local files. This is achieved by using a .. (dot dot) in the `GLOBALS[name]` parameter. **Recommendations** For version 1.0.7, consider restricting access to the `member.php` file until a patch is available. As a temporary workaround, avoid using the `GLOBALS[name]` parameter in the affected module to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: phpBB Forum picture and META tags module version 1.7 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the `phpbb root path` parameter in the MOD forum fields parse.php file. Recommendations: For phpBB Forum picture and META tags module version 1.7, avoid using the `phpbb root path` parameter in the MOD forum fields parse.php file until the issue is resolved. Restrict access to the MOD forum fields parse.php file to minimize the risk of exploitation.