Euronymous

**Name of the Vulnerable Software and Affected Versions** Justice Guestbook version 1.3 **Description** A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via the `name`, `homepage`, `aim`, `yim`, `location`, and `comment` variables. **Recommendations** For Justice Guestbook version 1.3, as a temporary workaround, consider restricting user input for the `name`, `homepage`, `aim`, `yim`, `location`, and `comment` variables to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** ScozNet ScozBook version 1.1 BETA **Description** The issue allows remote attackers to obtain sensitive information. This is achieved via an invalid `PG` parameter in the "view.php" endpoint, which reveals the installation path in an error message. **Recommendations** For version 1.1 BETA, avoid using the `PG` parameter in the "view.php" endpoint until the issue is resolved. As a temporary workaround, consider restricting access to the "view.php" endpoint to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** ScozNet ScozBook version 1.1 BETA **Description** A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via the `username`, `useremail`, `aim`, `msn`, `sitename`, and `siteaddy` variables. **Recommendations** For ScozNet ScozBook version 1.1 BETA, as a temporary workaround, consider validating and sanitizing user input for the `username`, `useremail`, `aim`, `msn`, `sitename`, and `siteaddy` variables to prevent XSS attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Justice Guestbook version 1.3 **Description** The issue allows remote attackers to obtain the full installation path. This is achieved via a direct request to "cfooter.php3", which leaks the path in an error message. **Recommendations** For Justice Guestbook version 1.3, consider restricting access to the "cfooter.php3" file to minimize the risk of path disclosure until a patch is available.

Name of the Vulnerable Software and Affected Versions: BRS WebWeaver versions 1.04 and earlier Description: The issue allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP POST or HEAD request. Recommendations: For versions 1.04 and earlier, update to a version later than 1.04 to resolve the issue.

Name of the Vulnerable Software and Affected Versions: Ultimate PHP Board (UPB) version 1.9 Description: The issue allows remote attackers to execute arbitrary PHP code with administrator privileges. This is achieved via an HTTP request containing the code in the `User-Agent` header, which is executed when the administrator runs `admin iplog.php`. Recommendations: For Ultimate PHP Board (UPB) version 1.9, consider restricting access to `admin iplog.php` until a fix is available, and avoid using the `User-Agent` header to execute PHP code. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Snowblind Web Server version 1.0 Description: The issue allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP request. This is a directory traversal vulnerability. Recommendations: For Snowblind Web Server version 1.0, consider restricting access to sensitive files and directories to minimize the risk of exploitation. As a temporary workaround, consider implementing additional validation and sanitization of HTTP requests to prevent directory traversal attacks.

Name of the Vulnerable Software and Affected Versions: Snowblind Web Server version 1.0 Description: The issue allows remote attackers to cause a denial of service, potentially leading to a crash, and may also enable the execution of arbitrary code. This can be achieved by sending a long HTTP request, which may trigger a buffer overflow. Recommendations: For Snowblind Web Server version 1.0, consider restricting the length of incoming HTTP requests to prevent potential buffer overflows until a patch is available.

Name of the Vulnerable Software and Affected Versions: Snowblind Web Server version 1.0 Description: The issue allows remote attackers to cause a denial of service, resulting in a crash, by sending a URL that ends in a "</" sequence. Recommendations: For Snowblind Web Server version 1.0, as a temporary workaround, consider restricting access to URLs that contain the "</" sequence to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Snowblind Web Server version 1.0 Description: The issue allows remote attackers to list arbitrary directory contents via a ... (triple dot) in an HTTP request. This could potentially expose sensitive information. Recommendations: For Snowblind Web Server version 1.0, consider restricting access to sensitive directories as a temporary workaround until a patch is available. Avoid using the ... (triple dot) in HTTP requests to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.