Darrell Damstedt

**Name of the Vulnerable Software and Affected Versions** Automated Logic Corporation WebCTRL versions 6.0 through 6.5 **Description** A security issue was found that allows an unauthenticated attacker to disclose full file contents from the underlying web server OS. This is possible due to a weakly configured XML parser that processes malicious input via the "X-Wap-Profile" HTTP header. **Recommendations** For versions 6.0 through 6.5, update the XML parser configuration to prevent the disclosure of file contents. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Square 9 GlobalForms version 6.2.x **Description** A Time Based SQL injection issue allows remote authenticated attackers to execute arbitrary SQL commands via the `match` parameter. This can potentially lead to a full server compromise through xp cmdshell. In some cases, the authentication requirement can be bypassed by using default admin credentials. **Recommendations** For Square 9 GlobalForms version 6.2.x, consider disabling the `match` parameter as a temporary workaround until a patch is available. Restrict access to the xp cmdshell to minimize the risk of exploitation. Avoid using default admin credentials and ensure all accounts have strong, unique passwords. At the moment, there is no information about a newer version that contains a fix for this vulnerability.