Devil_Box

**Name of the Vulnerable Software and Affected Versions** Site News versions 3.06 and earlier Journal versions 1.0 and earlier Polls versions 3.06 and earlier Database Login versions 1.71 and earlier **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `txtUserName` parameter in the check user.asp file. **Recommendations** For Site News versions 3.06 and earlier, update to a version later than 3.06 to resolve the issue. For Journal versions 1.0 and earlier, update to a version later than 1.0 to resolve the issue. For Polls versions 3.06 and earlier, update to a version later than 3.06 to resolve the issue. For Database Login versions 1.71 and earlier, update to a version later than 1.71 to resolve the issue. As a temporary workaround, consider restricting access to the check user.asp file until a patch is available. Avoid using the `txtUserName` parameter in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** PunBB versions 1.2.7 through 1.2.8 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `old searches` parameter in the "search.php" file. **Recommendations** For PunBB versions 1.2.7 and 1.2.8, consider restricting access to the "search.php" file until a patch is available. As a temporary workaround, avoid using the `old searches` parameter in the affected file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** aeNovo (affected versions not specified) aeNovoShop (affected versions not specified) aeNovoWYSI (affected versions not specified) **Description** The issue allows remote attackers to execute arbitrary SQL code, potentially enabling cross-site scripting (XSS) attacks in resulting error messages. This can be achieved via the `password` parameter in "control.asp" and the `strSQL` parameter in "search.asp". **Recommendations** For aeNovo, consider restricting access to the `control.asp` and `search.asp` pages until a fix is available. For aeNovoShop, avoid using the `password` parameter in "control.asp" and the `strSQL` parameter in "search.asp" until the issue is resolved. For aeNovoWYSI, as a temporary workaround, consider disabling the execution of SQL code from user-input parameters in "control.asp" and "search.asp" until a patch is available.

**Name of the Vulnerable Software and Affected Versions** aeNovo products (affected versions not specified) **Description** The issue concerns the storage of password information in plaintext within certain tables of aeNovo products, including aeNovo, aeNovoShop, and aeNovoWYSI. Specifically, the control, content, and page tables contain plaintext passwords. This allows attackers who have access to the database to obtain these passwords and potentially gain privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PaFileDB version 3.1 **Description** The issue allows remote attackers to gain sensitive information. This occurs when an invalid or missing `action` parameter is provided, resulting in an error message that reveals the path when it cannot include a login.php script. **Recommendations** For PaFileDB version 3.1, consider restricting access to the pafiledb.php script until a patch is available, or ensure that the `action` parameter is properly validated to prevent information disclosure.

**Name of the Vulnerable Software and Affected Versions** Pafiledb version 3.1 **Description** The issue allows remote attackers to execute arbitrary PHP code. This is achieved by modifying the `action` parameter, which is used in an include statement for login.php. **Recommendations** For Pafiledb version 3.1, consider restricting access to the `pafiledb.php` file until a patch is available, and avoid using the modified `action` parameter in the include statement for login.php.