Copy_Cat

**Name of the Vulnerable Software and Affected Versions** PHPCMF version 4.1.3 **Description** The issue is related to a security problem where an attacker can inject malicious code. The problem occurs via the first input field to the "index.php?s=member&c=register&m=index" URI, allowing for malicious code injection. **Recommendations** For PHPCMF version 4.1.3, consider validating and sanitizing user input to the first field in the "index.php?s=member&c=register&m=index" URI to prevent code injection. As a temporary workaround, restrict access to the register function until a proper fix is applied.

Name of the Vulnerable Software and Affected Versions: NewsBee (affected versions not specified) Description: The issue allows for XSS via the Company Name field in the Settings under the admin/admin.php endpoint. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.