D3B4G

**Name of the Vulnerable Software and Affected Versions** IncrediMail version 2.0 **Description** The issue is related to a buffer overflow in the Authenticate method of the INCREDISPOOLERLib.Pop ActiveX control in ImSpoolU.dll. This can be triggered by a remote attacker sending a long string in the first argument, potentially causing a denial of service (application crash) or other unspecified impacts. **Recommendations** For IncrediMail version 2.0, consider disabling the Authenticate method in the INCREDISPOOLERLib.Pop ActiveX control as a temporary workaround until a patch is available. Restrict access to the ImSpoolU.dll to minimize the risk of exploitation. Avoid using long strings in the first argument of the Authenticate method until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** StarUML (affected versions not specified) **Description** The issue is related to a buffer overflow in the ToDot method in the WINGRAPHVIZLib.NEATO ActiveX control in WinGraphviz.dll. This allows remote attackers to execute arbitrary code via a long argument. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MYRE Business Directory (affected versions not specified) **Description** A cross-site scripting (XSS) issue exists in the search.php file, allowing remote attackers to inject arbitrary web script or HTML via the `look` parameter in the API endpoint "/search.php". This could potentially lead to unauthorized actions on the affected system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MYRE Business Directory (affected versions not specified) **Description** The issue allows remote attackers to execute arbitrary SQL commands via the `cat` parameter in links.php. This could potentially lead to unauthorized access or manipulation of database content. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MYRE Vacation Rental Software (affected versions not specified) **Description** A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via the `link idd` parameter in a login action. This occurs in the vacation/1 mobile/alert members.php file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MYRE Vacation Rental Software (affected versions not specified) **Description** The issue concerns SQL injection vulnerabilities that allow remote attackers to execute arbitrary SQL commands. This can be achieved through specific parameters in certain API endpoints, such as the `garage1` or `bathrooms1` parameter to "vacation/1 mobile/search.php", or through unspecified input to "vacation/widgate/request more information.php". **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MYRE Realty Manager (affected versions not specified) **Description** A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via the `cat id1` parameter in the "search.php" endpoint. **Recommendations** For all affected versions, consider restricting access to the vulnerable "search.php" endpoint until a patch is available. As a temporary workaround, avoid using the `cat id1` parameter in the affected endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** MYRE Realty Manager (affected versions not specified) **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `bathrooms1` parameter to API endpoints such as "/demo2/search.php" or "/search.php". **Recommendations** For all affected versions, consider restricting access to the `bathrooms1` parameter in the "/demo2/search.php" and "/search.php" API endpoints to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PHPRecipeBook versions 2.24 through 2.39 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `base id` or `course id` parameter in a search action. **Recommendations** For PHPRecipeBook versions 2.24 through 2.39, consider restricting access to the search action until a patch is available. As a temporary workaround, avoid using the `base id` and `course id` parameters in the affected API endpoint. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Scripts For Sites (SFS) EZ Hot or Not (affected versions not specified) Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `phid` parameter in the "viewcomments.php" file. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Scripts for Sites (SFS) SFS EZ Affiliate (affected versions not specified) Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `cat id` parameter in a 'list' action, specifically targeting the directory.php file. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** DigiAffiliate versions 1.4 and earlier **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `admin` and `password` fields in the login.asp file. **Recommendations** For versions 1.4 and earlier, update to a version later than 1.4 to resolve the issue.

Name of the Vulnerable Software and Affected Versions: Simple Customer version 1.2 Description: A SQL injection issue allows remote attackers to execute arbitrary SQL commands via the `password` parameter in the login.php file. Recommendations: For Simple Customer version 1.2, consider restricting access to the login.php file until a patch is available, and avoid using the `password` parameter in a way that could facilitate SQL injection attacks.

Name of the Vulnerable Software and Affected Versions: W3matter RevSense version 1.0 Description: A SQL injection issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `f[password]` parameter in the "index.php" file. Recommendations: For W3matter RevSense version 1.0, avoid using the `f[password]` parameter in the index.php file until a fix is available. Consider restricting access to the index.php file to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Scripts For Sites (SFS) EZ Webring (affected versions not specified) Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `cat` parameter in the "category.php" file. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Venalsur Booking Centre Booking System for Hotels Group (affected versions not specified) Description: The issue allows remote attackers to execute arbitrary SQL commands via the `OfertaID` parameter in the cadena ofertas ext.php file. This can lead to unauthorized access and manipulation of sensitive data. Recommendations: For the affected version, consider restricting access to the vulnerable `cadena ofertas ext.php` file until a patch is available. As a temporary workaround, avoid using the `OfertaID` parameter in the affected file to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Venalsur Booking Centre Booking System for Hotels Group (affected versions not specified) Description: The issue is related to a cross-site scripting (XSS) vulnerability. This vulnerability allows remote attackers to inject arbitrary web script or HTML via the `OfertaID` parameter in the cadena ofertas ext.php file. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** V3 Chat - Profiles/Dating Script version 3.0.2 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `username` and `password` fields. **Recommendations** For version 3.0.2, update to a newer version that contains a fix for this issue. As a temporary workaround, consider restricting access to the `username` and `password` fields to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** QuestCMS (affected versions not specified) **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `obj` parameter in the main/main.php file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** QuestCMS (affected versions not specified) **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the `cx` parameter in the main/main.php file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.