Cobra_21

**Name of the Vulnerable Software and Affected Versions** BestShopPro (affected versions not specified) **Description** The issue allows remote attackers to execute arbitrary SQL commands via the `str` parameter in the `pokaz podkat.php` file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** BestShopPro (affected versions not specified) **Description** The issue is related to a cross-site scripting (XSS) vulnerability. This vulnerability allows remote attackers to inject arbitrary web script or HTML via the `str` parameter in the "nowosci.php" file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** sNews version 1.7 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `category` parameter in the "index.php" file. **Recommendations** For sNews version 1.7, update to a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** phpaaCms version 0.3.1 UTF-8 phpaaCms versions prior to the fixed version (if available) **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `id` parameter in the "list.php" file. **Recommendations** For phpaaCms version 0.3.1 UTF-8, consider restricting access to the `id` parameter in the "list.php" file until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** tekno.Portal version 0.1b **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `id` parameter in the "makale.php" file. **Recommendations** For tekno.Portal version 0.1b, avoid using the `id` parameter in the "makale.php" file until a fix is available. Consider restricting access to the "makale.php" file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** PHPCityPortal (affected versions not specified) **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `req username` (also known as `Username`) and `req password` (also known as `Password`) parameters in the login.php file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Yamamah (aka Dove Photo Album) version 1.00 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved by exploiting the `calbums` parameter in the index.php file. **Recommendations** For Yamamah (aka Dove Photo Album) version 1.00, avoid using the `calbums` parameter in the index.php file until the issue is resolved. As a temporary workaround, consider restricting access to the index.php file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** phpNagios version 1.2.0 **Description** The issue allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the `conf[lang]` parameter in the menu.php file. **Recommendations** For phpNagios version 1.2.0, consider restricting access to the menu.php file until a patch is available, and avoid using the `conf[lang]` parameter with untrusted input.

**Name of the Vulnerable Software and Affected Versions** phpSANE version 0.5.0 **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `file save` parameter in the save.php file. **Recommendations** For phpSANE version 0.5.0, update to a newer version that contains a fix for this issue.

Name of the Vulnerable Software and Affected Versions: Ve-EDIT version 0.1.4 Description: A directory traversal issue exists, allowing remote attackers to include and execute arbitrary local files. This is achieved by using a .. (dot dot) in the ` GET[filename]` parameter. Recommendations: For Ve-EDIT version 0.1.4, consider restricting access to the debugger/debug php.php file until a patch is available. As a temporary workaround, avoid using the ` GET[filename]` parameter in the affected endpoint.

Name of the Vulnerable Software and Affected Versions: KingCMS version 0.6.0 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the `CONFIG[AdminPath]` parameter in the include/engine/content/elements/menu.php file. Recommendations: For KingCMS version 0.6.0, avoid using the `CONFIG[AdminPath]` parameter in the affected file until the issue is resolved. Consider restricting access to the menu.php file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Rapid Classified versions 3.1 through 3.15 Description: The issue allows remote attackers to download the database file due to insufficient access control. Sensitive information is stored under the web root, making it accessible via a direct request to "cldb.mdb". Recommendations: For versions 3.1 through 3.15, restrict access to the cldb.mdb file to prevent unauthorized downloads. Consider relocating sensitive information outside of the web root or implementing proper access controls to mitigate the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: MyCal Personal Events Calendar (affected versions not specified) Description: The issue concerns the storage of sensitive information under the web root with insufficient access control. This allows remote attackers to download a database containing the `username` and `password` via a direct request to "mycal.mdb". Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Directory traversal vulnerability in conf/ php-core/common-tpl-vars.php in PHPmyGallery 1.5 beta allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the conf[lang] parameter, a different issue than CVE-2008-6318. NOTE: this might be the same issue as CVE-2008-6316.

Name of the Vulnerable Software and Affected Versions: PHPmyGallery version 1.5 beta Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the `admindir` parameter. This is a different vector than previously identified issues. Recommendations: For PHPmyGallery version 1.5 beta, consider restricting access to the `common-tpl-vars.php` file to minimize the risk of exploitation. Avoid using the `admindir` parameter in URLs until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.