George A. Theall

**Name of the Vulnerable Software and Affected Versions** extjs version 5.0.0 **Description** The issue is related to a server-side request forgery (SSRF) vulnerability in the feed-proxy.php file. This vulnerability can potentially allow an attacker to forge requests from the server, leading to unauthorized access to internal resources. **Recommendations** For extjs version 5.0.0, consider restricting access to the feed-proxy.php file to minimize the risk of exploitation. As a temporary workaround, disabling the vulnerable functionality in feed-proxy.php until a patch is available can help mitigate the risk.

**Name of the Vulnerable Software and Affected Versions** G/PGP Plugin versions 2.0 through 2.1dev before 20060912 **Description** The issue allows remote attackers to execute arbitrary commands via shell metacharacters in the `messageSignedText` parameter to the `gpg check sign pgp mime` function in `gpg hook functions.php`. A parameter value can be set in the contents of an e-mail message. **Recommendations** For G/PGP Plugin versions 2.0 through 2.1dev before 20060912, consider restricting access to the `gpg check sign pgp mime` function in `gpg hook functions.php` to minimize the risk of exploitation. Avoid using the `messageSignedText` parameter in the affected function until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Moodle versions 1.6.1 and earlier **Description** A SQL injection issue allows remote attackers to execute arbitrary SQL commands via the `format` parameter stored in the `$blogEntry` variable. This variable is not properly handled by the `insert record` function, which calls ` adodb column sql` in the adodb layer. The issue arises because the data type is not converted to an int. **Recommendations** For Moodle versions 1.6.1 and earlier, consider restricting access to the `blog/edit.php` page until a fix is available. As a temporary workaround, avoid using the `format` parameter in the `$blogEntry` variable to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Vanilla CMS versions 1.0.1 and earlier **Description** The issue concerns a remote file inclusion vulnerability in the upgrader.php file of Vanilla CMS. This vulnerability can be exploited when the /conf/old settings.php file exists, allowing remote attackers to execute arbitrary PHP code via a URL in the `RootDirectory` parameter. However, the vulnerability has been disputed for version 1.0, and it is unclear whether older versions are affected. **Recommendations** For Vanilla CMS versions 1.0.1 and earlier, consider restricting access to the upgrader.php file and the /conf/old settings.php file to minimize the risk of exploitation. As a temporary workaround, avoid using the `RootDirectory` parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Rumble version 1.02 **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `configArr[pathtodir]` parameter in the config.php file. **Recommendations** For Rumble version 1.02, consider restricting access to the config.php file to minimize the risk of exploitation. As a temporary workaround, avoid using the `configArr[pathtodir]` parameter in the affected config.php file until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** openSUSE (affected versions not specified) Linux kernel versions prior to 2.6.17.3 and 2.6.16.23 **Description** The issue involves multiple vulnerabilities in various packages of the openSUSE operating system, which can lead to a breach of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely. The Linux kernel is also affected, with versions prior to 2.6.17.3 and 2.6.16.23 being vulnerable to a denial of service (crash) via a packet without any chunks. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.