Chip D3 Bi0S

**Name of the Vulnerable Software and Affected Versions** JPhone (com jphone) component version 1.0 Alpha 3 for Joomla! **Description** The issue allows remote attackers to include and execute arbitrary local files. This is achieved by using a .. (dot dot) in the `controller` parameter to the "index.php" endpoint. **Recommendations** For JPhone (com jphone) component version 1.0 Alpha 3, consider restricting access to the `controller` parameter in the "index.php" endpoint until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Joomla! component JE FAQ Pro (com jefaqpro) version 1.5.0 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via category categorylist operations using the `catid` parameter in a lists action. **Recommendations** For version 1.5.0, consider restricting access to the `catid` parameter in category categorylist operations to minimize the risk of exploitation. Avoid using the `catid` parameter in lists actions until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Joomla! component com foobla suggestions version 1.5.1.2 **Description** A directory traversal issue exists, allowing remote attackers to read arbitrary files. This is achieved by using directory traversal sequences in the `controller` parameter to the "index.php" endpoint. **Recommendations** For version 1.5.1.2, consider restricting access to the "index.php" endpoint until a patch is available. As a temporary workaround, avoid using the `controller` parameter in the affected endpoint to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** JVideo! (com jvideo) versions 0.3.11c Beta through 0.3.x **Description** The issue allows remote attackers to execute arbitrary SQL commands via the `user id` parameter in a user action to "index.php". **Recommendations** For versions 0.3.11c Beta through 0.3.x, avoid using the `user id` parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Dione Form Wizard version 1.0.2 **Description** A directory traversal issue allows remote attackers to read arbitrary files by using directory traversal sequences in the `controller` parameter to "index.php". **Recommendations** For version 1.0.2, update to a newer version that contains a fix for this issue. As a temporary workaround, consider restricting access to the "index.php" endpoint to minimize the risk of exploitation. Avoid using the `controller` parameter in the affected endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** SMEStorage (com smestorage) version 1.1 and earlier for Joomla! **Description** The issue allows remote attackers to read arbitrary files via directory traversal sequences in the `controller` parameter to "index.php". **Recommendations** For SMEStorage (com smestorage) version 1.1 and earlier, update to version 1.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Joomla! component Freestyle FAQs Lite (com fsf) version 1.3 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved by exploiting the `faqid` parameter in an 'faq' action to 'index.php'. **Recommendations** For version 1.3, avoid using the `faqid` parameter in the 'faq' action to 'index.php' until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** webERPcustomer (com weberpcustomer) component version 1.2.1 webERPcustomer (com weberpcustomer) component versions 1.x before 1.06.02 for Joomla! **Description** The issue allows remote attackers to read arbitrary files via a .. (dot dot) in the `controller` parameter to "index.php". This is a directory traversal vulnerability in weberpcustomer.php. **Recommendations** For version 1.2.1, update to a version newer than 1.06.02 to resolve the issue. For versions 1.x before 1.06.02, update to version 1.06.02 or newer to resolve the issue. As a temporary workaround, consider restricting access to the "index.php" endpoint to minimize the risk of exploitation. Avoid using the `controller` parameter in the affected "index.php" endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** JInventory (com jinventory) versions 1.23.02 through 1.26.03 **Description** The issue allows remote attackers to read arbitrary files via a .. (dot dot) in the `controller` parameter to "index.php". **Recommendations** For versions 1.23.02 through 1.26.03, update to version 1.26.03 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Joomla! User Status (com userstatus) component version 1.21.16 **Description** A directory traversal issue exists in the userstatus.php file of the User Status component for Joomla!, allowing remote attackers to read arbitrary files. This is achieved by including a .. (dot dot) in the `controller` parameter to the "index.php" endpoint. **Recommendations** For version 1.21.16, consider restricting access to the vulnerable "userstatus.php" file until a patch is available. As a temporary workaround, avoid using the `controller` parameter in the "index.php" endpoint to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** DecryptWeb DW Graphs (com dwgraphs) component version 1.0 for Joomla! **Description** The issue allows remote attackers to read arbitrary files via directory traversal sequences in the `controller` parameter to "index.php". **Recommendations** For DecryptWeb DW Graphs (com dwgraphs) component version 1.0, consider restricting access to the "index.php" endpoint to minimize the risk of exploitation. Avoid using the `controller` parameter in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Joomla! component com jeformcr (affected versions not specified) **Description** A directory traversal issue exists in the JE Form Creator component for Joomla!, allowing remote attackers to read arbitrary files when magic quotes gpc is disabled. This is achieved by using directory traversal sequences in the `view` parameter to `index.php`. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Joomloc (com joomloc) component version 1.0 for Joomla **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved by exploiting the `id` parameter in an edit task to the "index.php" endpoint. **Recommendations** For Joomloc (com joomloc) component version 1.0, avoid using the `id` parameter in the edit task to the "index.php" endpoint until the issue is resolved. Consider restricting access to the edit task in "index.php" to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Mambo Resident (aka Mos Res or com mosres) component version 1.0f **Description** The issue allows remote attackers to execute arbitrary SQL commands when magic quotes gpc is disabled. This can be achieved via the `property uid` parameter in a "viewproperty" action to "index.php" and the `regID` parameter in a "showregion" action to "index.php". **Recommendations** For Mambo Resident (aka Mos Res or com mosres) component version 1.0f, consider disabling the magic quotes gpc feature to prevent SQL injection attacks. As a temporary workaround, restrict access to the "viewproperty" and "showregion" actions in index.php to minimize the risk of exploitation. Avoid using the `property uid` and `regID` parameters in the affected API endpoints until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** com ninjacentral version 1.1.0 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved by exploiting the `testimID` parameter in a display action to "index.php". **Recommendations** For version 1.1.0, update to a newer version that contains a fix for this issue. As a temporary workaround, consider restricting access to the `testimID` parameter in the affected API endpoint until a patch is available.

**Name of the Vulnerable Software and Affected Versions** jTips (com jtips) component versions 1.0.7 and 1.0.9 for Joomla! **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved by exploiting the `season` parameter in a ladder action to "index.php". **Recommendations** For version 1.0.7, update to a version that fixes this issue. For version 1.0.9, update to a version that fixes this issue. As a temporary workaround, consider restricting access to the "index.php" endpoint to minimize the risk of exploitation. Avoid using the `season` parameter in the affected endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Joomla! component DJ-Catalog (com djcatalog) (affected versions not specified) **Description** The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via the `id` parameter in a 'showItem' action and the `cid` parameter in a 'show' action to 'index.php'. **Recommendations** For the DJ-Catalog component, consider restricting access to the 'showItem' and 'show' actions in 'index.php' until a fix is available. Avoid using the `id` and `cid` parameters in these actions to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Joomla! component com foobla suggestions version 1.5.11 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved by exploiting the `idea id` parameter in the "index.php" endpoint. **Recommendations** For version 1.5.11, avoid using the `idea id` parameter in the affected endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** MyRemote Video Gallery (com mytube) version 1.0 Beta for Joomla! **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved by exploiting the `user id` parameter in the "videos" action to the "/index.php" endpoint. **Recommendations** For MyRemote Video Gallery (com mytube) version 1.0 Beta, avoid using the `user id` parameter in the affected API endpoint until the issue is resolved. As a temporary workaround, consider restricting access to the "/index.php" endpoint for the "videos" action to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Joomla! Integrated Newsletters Component (com jinc) version 0.2 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved by exploiting the `newsid` parameter in a 'messages' action to 'index.php'. **Recommendations** For version 0.2, consider restricting access to the 'index.php' endpoint with a 'messages' action until a patch is available. As a temporary workaround, avoid using the `newsid` parameter in the affected endpoint.