Bithedz

Name of the Vulnerable Software and Affected Versions: Advanced Login versions 0.76 and earlier Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the `root` parameter in the login/engine/db/profiledit.php file. Recommendations: For Advanced Login versions 0.76 and earlier, update to a version later than 0.76 to resolve the issue.

Name of the Vulnerable Software and Affected Versions: Textpattern version 1.19 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the `txpcfg[txpath]` parameter in the publish.php file when register globals is enabled. Recommendations: For Textpattern version 1.19, consider disabling the register globals setting to prevent exploitation until a patch is available. Restrict access to the publish.php file to minimize the risk of exploitation. Avoid using the `txpcfg[txpath]` parameter in the affected API endpoint until the issue is resolved.

Name of the Vulnerable Software and Affected Versions: ArticleBeach Script versions 2.0 and earlier Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the `page` parameter in the index.php file. Recommendations: For ArticleBeach Script versions 2.0 and earlier, update to a version later than 2.0 to resolve the issue.