Beyazkurt

**Name of the Vulnerable Software and Affected Versions** Linux Web Shop (LWS) php User Base version 1.3beta **Description** A directory traversal issue exists, allowing remote attackers to include and execute arbitrary local files. This is achieved via the `template` parameter in the include/unverified.inc.php file. **Recommendations** For Linux Web Shop (LWS) php User Base version 1.3beta, consider restricting access to the `include/unverified.inc.php` file or validating the `template` parameter to prevent directory traversal attacks. As a temporary workaround, restrict the use of the `template` parameter in the affected file until a patch is available.

Name of the Vulnerable Software and Affected Versions: Scripts for Sites (SFS) EZ Link Directory (affected versions not specified) Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `cat id` parameter in a 'list' action. Recommendations: For Scripts for Sites (SFS) EZ Link Directory, avoid using the `cat id` parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Sites for Scripts (SFS) EZ Hosting Directory (affected versions not specified) Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `cat id` parameter in a 'list' action, specifically targeting the directory.php file. Recommendations: For all affected versions, consider restricting access to the vulnerable directory.php file until a patch is available. As a temporary workaround, avoid using the `cat id` parameter in the affected API endpoint until the issue is resolved.

Name of the Vulnerable Software and Affected Versions: Sites for Scripts (SFS) EZ Home Business Directory (affected versions not specified) Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `cat id` parameter in a list action in the directory.php file. Recommendations: For all affected versions, consider restricting access to the vulnerable directory.php file until a patch is available. As a temporary workaround, avoid using the `cat id` parameter in the list action to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Sites for Scripts (SFS) Gaming Directory (affected versions not specified) Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `cat id` parameter in a 'list' action, specifically targeting the directory.php file. Recommendations: For all affected versions, consider restricting access to the `directory.php` file until a patch is available. As a temporary workaround, avoid using the `cat id` parameter in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Easy Content Management Publishing (affected versions not specified) **Description** The issue allows remote attackers to download a database due to insufficient access control. Sensitive information is stored under the web root, enabling attackers to access it via a direct request for Database/News.mdb. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Goople CMS version 1.7 **Description** The issue allows remote attackers to bypass authentication and gain administrative access. This is achieved by setting the `loggedin` cookie to 1, which is associated with the `win/content/upload.php` file in Goople CMS. **Recommendations** For Goople CMS version 1.7, consider temporarily restricting access to the `win/content/upload.php` file until a patch is available. Additionally, avoid relying solely on the `loggedin` cookie for authentication, and implement alternative authentication measures to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Cant Find A Gaming CMS (CFAGCMS) version 1 **Description** The issue concerns remote file inclusion vulnerabilities in the themes/default/index.php file. This allows remote attackers to execute arbitrary PHP code via a URL in the `main` and `right` parameters. **Recommendations** For Cant Find A Gaming CMS (CFAGCMS) version 1, consider restricting access to the `themes/default/index.php` file to minimize the risk of exploitation. Avoid using the `main` and `right` parameters in URLs until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Phlatline's Personal Information Manager (pPIM) version 1.0 Description: The issue is related to a cross-site scripting (XSS) vulnerability. It allows remote attackers to inject arbitrary web script or HTML via the `date` parameter in a new action. This occurs in the events.php file. Recommendations: For version 1.0, avoid using the `date` parameter in the new action until the issue is resolved. As a temporary workaround, consider restricting access to the events.php file to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Phlatline's Personal Information Manager (pPIM) version 1.0 Description: The issue allows remote attackers to delete arbitrary files using directory traversal sequences in the `file` parameter within a `delfile` action in the upload.php file. Recommendations: For version 1.0, consider restricting access to the upload.php file and the `delfile` action to minimize the risk of exploitation. Avoid using the `file` parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** php Help Agent versions 1.0 through 1.1 **Description** A directory traversal issue exists, allowing remote attackers to include and execute arbitrary local files by using a .. (dot dot) in the `content` parameter of the include/head chat.inc.php file. In certain environments, this can be exploited for remote file inclusion using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL. **Recommendations** For php Help Agent versions 1.0 through 1.1, consider restricting access to the include/head chat.inc.php file and validating the `content` parameter to prevent directory traversal attacks. As a temporary workaround, restrict the use of the `content` parameter in the include/head chat.inc.php file until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Linux Web Shop (LWS) php Download Manager versions 1.0 through 1.1 **Description** The issue allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the `content` parameter. This is due to a directory traversal vulnerability in the include/body.inc.php file. **Recommendations** For Linux Web Shop (LWS) php Download Manager versions 1.0 through 1.1, consider restricting access to the `content` parameter in the include/body.inc.php file to prevent directory traversal attacks. As a temporary workaround, consider disabling the execution of arbitrary local files via the `content` parameter until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: XOOPS Horoscope module version 1.0 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the `xoopsConfig[root path]` parameter in the footer.php file of the Horoscope 1.0 module for XOOPS. Recommendations: For XOOPS Horoscope module version 1.0, avoid using the `xoopsConfig[root path]` parameter in the footer.php file until the issue is resolved. Consider restricting access to the footer.php file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GlossWord version 1.8.1 **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `sys[path addon]` parameter in the custom vars.php file. **Recommendations** For GlossWord version 1.8.1, consider restricting access to the custom vars.php file or the `sys[path addon]` parameter to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ACGVannu versions 1.3 and earlier **Description** A directory traversal issue exists, allowing remote attackers to read arbitrary files. This is achieved by using a .. (dot dot) in the `rubrik` parameter of the theme/acgv.php file. **Recommendations** For ACGVannu versions 1.3 and earlier, avoid using the `rubrik` parameter in the theme/acgv.php file until a fix is available. As a temporary workaround, consider restricting access to the theme/acgv.php file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** News Manager Deluxe version 1.0.1 **Description** A directory traversal issue exists, allowing remote attackers to include and execute arbitrary local files. This is achieved by using a .. (dot dot) in the `template` parameter. **Recommendations** For News Manager Deluxe version 1.0.1, consider restricting access to the vulnerable `includes/footer.php` file until a patch is available. As a temporary workaround, avoid using the `template` parameter with untrusted input.

**Name of the Vulnerable Software and Affected Versions** ScarNews version 1.2.1 **Description** The issue allows remote attackers to include and execute arbitrary local files. This is achieved by using a .. (dot dot) in the `sn admin dir` parameter, which enables directory traversal. **Recommendations** For ScarNews version 1.2.1, consider restricting access to the `sn admin dir` parameter to prevent directory traversal attacks until a patch is available. Avoid using the `sn admin dir` parameter with untrusted input to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** BP Blog versions 7.0 through 7.0.2 **Description** The issue concerns a SQL injection vulnerability in the theme preview feature of the default.asp file. This vulnerability allows remote attackers to execute arbitrary SQL commands by manipulating the `layout` parameter in the API endpoint. **Recommendations** For BP Blog versions 7.0 through 7.0.2, consider restricting access to the theme preview feature until a patch is available. As a temporary workaround, avoid using the `layout` parameter in the default.asp file to minimize the risk of exploitation.