Benjamin Moss

Name of the Vulnerable Software and Affected Versions: Portix-PHP version 0.4.2 Description: The issue allows remote attackers to execute arbitrary SQL commands via the `username` and `passwd` fields in the login component. Recommendations: For Portix-PHP version 0.4.2, update to a version that fixes the SQL injection vulnerability in the login component.

Name of the Vulnerable Software and Affected Versions: Portix-PHP version 0.4.2 Description: The issue allows remote attackers to inject arbitrary web script or HTML via the `titre` or `auteur` field in a forum post, potentially leading to cross-site scripting (XSS) attacks. Recommendations: For Portix-PHP version 0.4.2, as a temporary workaround, consider restricting user input in the `titre` and `auteur` fields to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: bitweaver versions 1.3.1 and earlier Description: The issue allows remote attackers to obtain sensitive information by forcing a SQL error through specific API endpoints, including "blogs/list blogs.php", "fisheye/index.php", "wiki/orphan pages.php", and "wiki/list pages.php", when a `sort mode` query string is set to -98. Recommendations: For bitweaver versions 1.3.1 and earlier, as a temporary workaround, consider restricting access to the affected API endpoints until a patch is available. Avoid using the `sort mode` parameter with a value of -98 in the affected endpoints to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Rapid Classified version 3.1 Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `id` parameter in the "viewad.asp" file. Recommendations: For Rapid Classified version 3.1, consider restricting access to the `id` parameter in the "viewad.asp" file until a patch is available. As a temporary workaround, avoid using the `id` parameter in the affected file to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Rialto version 1.6 Description: The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via various parameters in different API endpoints, including: - the `uname` (username) and `pword` (passwd) fields in "admin/default.asp"; - the `ID` parameter to "listfull.asp" or "printmain.asp"; - the `cat` parameter to "listmain.asp", "searchoption.asp", or "searchmain.asp"; - the `Keyword` parameter to "searchkey.asp"; - the `area` parameter to "searchmain.asp" or "searchoption.asp"; - the `searchin` parameter to "searchkey.asp"; - the `cost1`, `cost2`, `acreage1`, or `squarefeet1` parameters to "searchoption.asp". Recommendations: For Rialto version 1.6, consider disabling the SQL execution functionality until a patch is available. Restrict access to the mentioned API endpoints to minimize the risk of exploitation. Avoid using the specified parameters in the affected endpoints until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: bitweaver versions 1.3.1 and earlier Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `tk` parameter in the newsletters/edition.php file. Recommendations: For bitweaver versions 1.3.1 and earlier, consider restricting access to the newsletters/edition.php file until a patch is available. As a temporary workaround, avoid using the `tk` parameter in the affected file to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Rialto version 1.6 Description: The issue allows remote attackers to inject arbitrary web script or HTML. This can be achieved via the `cat` parameter to "listmain.asp" or "searchmain.asp", the `Keyword` parameter to "searchkey.asp", or the `refno` parameter to "forminfo.asp". Recommendations: For Rialto version 1.6, as a temporary workaround, consider restricting access to the vulnerable parameters `cat`, `Keyword`, and `refno` in their respective API endpoints until a patch is available. Avoid using these parameters in the affected API endpoints "listmain.asp", "searchmain.asp", "searchkey.asp", and "forminfo.asp" until the issue is resolved.

Name of the Vulnerable Software and Affected Versions: bitweaver versions 1.3.1 and earlier Description: The issue allows remote attackers to inject arbitrary web script or HTML via specific fields, including the message title field when submitting an article to "articles/edit.php", the message title field when submitting a blog post to "blogs/post.php", or the message description field when editing in the Sandbox in "wiki/edit.php". Recommendations: For bitweaver versions 1.3.1 and earlier, update to a version later than 1.3.1 to resolve the issue. As a temporary workaround, consider restricting user input in the message title fields and the message description field in the Sandbox to minimize the risk of exploitation. Avoid using the affected API endpoints "articles/edit.php", "blogs/post.php", and "wiki/edit.php" with unvalidated user input until the issue is resolved.

Name of the Vulnerable Software and Affected Versions: PWP Technologies The Classified Ad System (affected versions not specified) Description: The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via the `cat` or `main` parameter in the default.asp file. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: MGinternet Property Site Manager (affected versions not specified) Description: The issue is related to a cross-site scripting (XSS) vulnerability. This vulnerability allows remote attackers to inject arbitrary web script or HTML via the `s` parameter in the listings.asp file. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Infinitytechs Restaurants CM (affected versions not specified) **Description** The issue concerns SQL injection vulnerabilities that allow remote attackers to execute arbitrary SQL commands. This can be achieved through specific parameters in different ASP files, including the `id` parameter in "rating.asp", the `mealid` parameter in "meal rest.asp", and the `resid` parameter in "res details.asp". **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ASPMForum (affected versions not specified) **Description** The issue allows remote attackers to execute arbitrary SQL commands via several parameters, including `soruid` in "forum2.asp", `ak` in "kullanicilistesi.asp", `kelimeler` in "aramayap.asp", and `kullaniciadi` in "giris.asp". Additionally, remote authenticated users can execute arbitrary SQL commands via the `mesajno` parameter in "mesajkutum.asp". **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Vikingboard version 0.1.2 **Description** The issue allows remote attackers to trigger a forced SQL error via an invalid `s` parameter in the members.php file. This might only be an exposure if display errors is enabled. **Recommendations** For Vikingboard version 0.1.2, consider disabling the display of error messages to minimize the risk of exploitation. Restrict access to the members.php file to prevent remote attackers from triggering SQL errors. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Vikingboard version 0.1.2 **Description** The issue allows remote authenticated administrators to include arbitrary files via a .. (dot dot) sequence in the `act` parameter of the admin.php file. **Recommendations** For Vikingboard version 0.1.2, consider restricting access to the admin.php file to prevent exploitation, and avoid using the `act` parameter with unvalidated input until a fix is available.

**Name of the Vulnerable Software and Affected Versions** Enthrallweb eClassifieds (affected versions not specified) **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved through SQL injection vulnerabilities in several parameters, including `AD ID`, `cat id`, `sub id`, and `ad id` in the "ad.asp" endpoint, the `cid` parameter in the "dircat.asp" endpoint, and the `sid` parameter in the "dirSub.asp" endpoint. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Enthrallweb eHomes (affected versions not specified) **Description** The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via the `city` or `State` parameter in the result.asp file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Enthrallweb eHomes (affected versions not specified) **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved through SQL injection vulnerabilities in various parameters, including the `cid` parameter to "dircat.asp", the `sid` parameter to "dirSub.asp", the `TYPE ID` parameter to "types.asp", the `AD ID` parameter to "homeDetail.asp", the `cat` parameter to "result.asp", the `compare`, `clear`, and `adID` parameters to "compareHomes.asp", and the `aminprice`, `amaxprice`, and `abedrooms` parameters to "result.asp". **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** JiRos Links Manager (affected versions not specified) **Description** The issue concerns multiple cross-site scripting (XSS) vulnerabilities in the submitlink.asp file of JiRos Links Manager. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via the `lName`, `lURL`, `lImage`, and `lDescription` parameters. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Link Exchange Lite (affected versions not specified) **Description** The issue concerns SQL injection vulnerabilities that allow remote attackers to execute arbitrary SQL commands. This can be achieved via two methods: - the search engine field to the "/search.asp" API endpoint - the `psearch` parameter to the "/linkslist.asp" API endpoint. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** BaalAsp forum (affected versions not specified) **Description** The issue concerns multiple SQL injection vulnerabilities. These vulnerabilities allow remote attackers to execute arbitrary SQL commands. The vulnerabilities can be exploited through specific parameters in various ASP pages, including the `password` parameter to "adminlogin.asp", the `name` or `password` parameters to "userlogin.asp", or the `search` parameter to "search.asp". **Recommendations** For the "adminlogin.asp" page, avoid using the `password` parameter until a fix is available. For the "userlogin.asp" page, restrict the use of the `name` and `password` parameters to minimize risk. For the "search.asp" page, consider disabling the `search` parameter as a temporary workaround. At the moment, there is no information about a newer version that contains a fix for this vulnerability.