Cold Z3Ro

**Name of the Vulnerable Software and Affected Versions** FreePBX version 16 **Description** FreePBX version 16 contains an authenticated remote code execution issue in the API module. An attacker with valid session credentials can execute arbitrary commands. The issue is exploitable through the 'generatedocs' API endpoint by submitting crafted POST requests that inject bash commands, potentially leading to remote shell access. The `generatedocs` endpoint accepts POST requests with malicious payloads. The vulnerable parameter is not explicitly specified, but the attack involves bash command injection. **Recommendations** Apply any available updates or patches for FreePBX version 16. Restrict access to the 'generatedocs' API endpoint. As a temporary workaround, consider disabling the API module until a patch is available.

**Name of the Vulnerable Software and Affected Versions** osDate versions 2.0.8 and earlier **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `php121dir` parameter. This can be achieved by manipulating the `php121dir` parameter in the vulnerable PHP file. **Recommendations** For osDate versions 2.0.8 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Picturesolution versions 2.1 and earlier Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the `path` parameter in the install/config.php file. Recommendations: For Picturesolution versions 2.1 and earlier, update to a version later than 2.1 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** vBulletin Google Yahoo Site Map (vBGSiteMap) version 2.41 for vBulletin **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `base` parameter to API endpoints such as "vbgsitemap/vbgsitemap-config.php" or "vbgsitemap/vbgsitemap-vbseo.php". **Recommendations** For vBulletin Google Yahoo Site Map (vBGSiteMap) version 2.41, consider restricting access to the `vbgsitemap-config.php` and `vbgsitemap-vbseo.php` files until a patch is available. Avoid using the `base` parameter in the affected API endpoints to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Taskhopper version 1.1 **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `mosConfig absolute path` parameter to various PHP files, including "contact type.php", "itemstatus type.php", "projectstatus type.php", "request type.php", "responses type.php", "timelog type.php", and "urgency type.php" in the "inc/" directory. **Recommendations** For Taskhopper version 1.1, consider restricting access to the `mosConfig absolute path` parameter to prevent remote file inclusion attacks. As a temporary workaround, restrict access to the affected PHP files in the "inc/" directory until a patch is available. Avoid using the `mosConfig absolute path` parameter in the affected API endpoints until the issue is resolved.