Doz

**Name of the Vulnerable Software and Affected Versions** WordPress version 2.3.2 **Description** The issue allows remote attackers to inject arbitrary web script or HTML. This can be achieved via the `inviteemail` parameter in an invite action to "wp-admin/users.php" or the `to` parameter in a sent action to "wp-admin/invites.php". **Recommendations** For WordPress version 2.3.2, update to a newer version to mitigate the risk. As a temporary workaround, consider restricting access to the "wp-admin/users.php" and "wp-admin/invites.php" endpoints until a patch is available. Avoid using the `inviteemail` and `to` parameters in the affected API endpoints until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** PD9 Software MegaBBS version 1.5.14b **Description** A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML. This is achieved via the `target` parameter in the "profile-upload/upload.asp" endpoint. **Recommendations** For version 1.5.14b, consider restricting access to the "profile-upload/upload.asp" endpoint until a fix is available, and avoid using the `target` parameter in this endpoint to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Simple Machines Forum versions 1.1.4 and earlier **Description** A cross-site scripting issue allows remote attackers to inject arbitrary web script or HTML via the `Itemid` or `topic` arguments. **Recommendations** For Simple Machines Forum versions 1.1.4 and earlier, update to a version later than 1.1.4 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** LiveCart versions prior to 1.1.0 **Description** The issue allows remote attackers to inject arbitrary web script or HTML, potentially leading to cross-site scripting (XSS) attacks. This can be achieved through various parameters, including the `return` parameter to `user/remindPassword`, the `q` parameter to the category script, the `return` parameter to the order script, or the `email` parameter to `user/remindComplete`. **Recommendations** For versions prior to 1.1.0, update to version 1.1.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable parameters, such as `return` and `q`, until a patch is available. Avoid using the `email` parameter in the affected `user/remindComplete` endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Bitweaver versions 2.0.0 and earlier **Description** A direct static code injection issue exists when comments are enabled, allowing remote attackers to inject arbitrary PHP code via an editcomments action. **Recommendations** For Bitweaver versions 2.0.0 and earlier, consider disabling the comments feature to prevent exploitation until a fix is available.

**Name of the Vulnerable Software and Affected Versions** Invision Power Board (IPB or IP.Board) D22-Shoutbox (affected versions not specified) **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML. This can be achieved via unspecified vectors, potentially leading to the execution of malicious code on the client-side. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Comersus Cart version 7.07 **Description** The issue allows remote attackers to inject arbitrary web script or HTML, which can lead to cross-site scripting (XSS) attacks. This is achieved by manipulating the `redirectUrl` parameter in specific API endpoints, such as (1) "comersus customerAuthenticateForm.asp" or (2) "comersus message.asp". **Recommendations** For Comersus Cart version 7.07, as a temporary workaround, consider restricting access to the `redirectUrl` parameter in the affected API endpoints until a patch is available. Avoid using the `redirectUrl` parameter in the "comersus customerAuthenticateForm.asp" and "comersus message.asp" endpoints to minimize the risk of exploitation.

Multiple cross-site scripting (XSS) vulnerabilities in Kayako SupportSuite - ESupport 3.00.13 and 3.04.10 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to a (1) lostpassword or (2) register action in index.php, (3) unspecified vectors in the Submit form in a submit action in index.php, and (4) the user's name in index.php; and (5) allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors related to the Admin and Staff Control Panel. NOTE: this might issue overlap CVE-2004-1412, CVE-2005-0487, or CVE-2005-0842.

Name of the Vulnerable Software and Affected Versions: Uphotogallery version 1.1 Description: A cross-site scripting (XSS) issue exists, allowing remote authenticated administrators to inject arbitrary web script or HTML. This is achieved via the `s` parameter in the images archive.asp file. Recommendations: For Uphotogallery version 1.1, consider restricting access to the `s` parameter in the images archive.asp file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: InstantASP version 4.1.0 Description: The issue allows remote attackers to inject arbitrary web script or HTML. This can be achieved via the `SessionID` parameter to the "Logon.aspx" endpoint, and the `Username` and `Update` parameters to the "Members1.aspx" endpoint. Recommendations: For InstantASP version 4.1.0, consider restricting access to the "Logon.aspx" and "Members1.aspx" endpoints until a fix is available. As a temporary workaround, avoid using the `SessionID`, `Username`, and `Update` parameters in these endpoints to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: PHP Live! versions 3.2.2 and earlier Description: The issue allows remote attackers to inject arbitrary web script or HTML, potentially leading to security breaches. This is achieved through several parameters in different PHP files, including the `search string` parameter in "setup/transcripts.php", the `l` parameter in "index.php", the `login` field in "phplive/index.php", and the `deptid` and `x` parameters in "phplive/message box.php". Recommendations: For PHP Live! versions 3.2.2 and earlier, consider disabling the vulnerable parameters `search string`, `l`, `login`, `deptid`, and `x` in their respective files until a patch is available. Restrict access to the affected PHP files to minimize the risk of exploitation. Avoid using the parameters `search string`, `l`, `login`, `deptid`, and `x` in the affected API endpoints until the issue is resolved.