Bl4Ckh4Ck5

Name of the Vulnerable Software and Affected Versions: MagpieRSS version 0.72 Description: The issue arises from an incorrectly escaped exec command in the /extlib/Snoopy.class.inc file. This allows an attacker to add an extra command to the curl binary, creating a problem on the /scripts/magpie debug.php and /scripts/magpie simple.php pages. By sending a specific https URL in the RSS URL field, an attacker can execute arbitrary commands. Recommendations: For MagpieRSS version 0.72, consider disabling the `exec` command in the /extlib/Snoopy.class.inc file as a temporary workaround until a patch is available. Restrict access to the /scripts/magpie debug.php and /scripts/magpie simple.php pages to minimize the risk of exploitation. Avoid using the RSS URL field with untrusted input until the issue is resolved.

Name of the Vulnerable Software and Affected Versions: MagpieRSS version 0.72 Description: The issue arises from a lack of validation on a curl command in the /extlib/Snoopy.class.inc file. This allows an attacker to request any internal page when sending a request to the /scripts/magpie debug.php or /scripts/magpie simple.php page using a https request. Recommendations: For MagpieRSS version 0.72, consider disabling the curl command functionality in the /extlib/Snoopy.class.inc file until a patch is available. Restrict access to the /scripts/magpie debug.php and /scripts/magpie simple.php pages to minimize the risk of exploitation. Avoid using the https request method in these pages until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Responsive FileManager versions 9.13.4 through 9.14.0 **Description** The issue allows for Server-Side Request Forgery (SSRF) via the `url` parameter in the upload.php file. This is due to mishandled file-extension blocking and the possibility of a DNS hostname resolving to an internal IP address. For example, adding a .ico filename to the PATH INFO can lead to a successful SSRF attempt. An attacker could also create a DNS hostname that resolves to the 0.0.0.0 IP address for DNS pinning. **Recommendations** For Responsive FileManager versions 9.13.4 through 9.14.0, consider disabling the upload.php file or restricting access to it until a proper fix is applied. Avoid using the `url` parameter in the upload.php file to minimize the risk of exploitation. As a temporary workaround, restrict the handling of file extensions and DNS hostnames to prevent SSRF attempts.