Hadihadi

**Name of the Vulnerable Software and Affected Versions** OTManager CMS version 2.4 **Description** The issue allows remote attackers to bypass authentication and gain administrator privileges by setting the `ADMIN Hora`, `ADMIN Logado`, and `ADMIN Nome` cookies to certain values. This is reachable in the "Admin/index.php" endpoint. **Recommendations** For OTManager CMS version 2.4, as a temporary workaround, consider restricting access to the "Admin/index.php" endpoint until a patch is available. Additionally, avoid using the `ADMIN Hora`, `ADMIN Logado`, and `ADMIN Nome` cookies in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SH-News version 3.0 **Description** The issue allows remote attackers to bypass authentication and gain administrator privileges. This is achieved by setting the `shuser` and `shpass` cookies to non-zero values in the 'action.php' file. **Recommendations** For SH-News version 3.0, consider temporarily restricting access to the 'action.php' file until a patch is available. As a workaround, avoid using non-zero values for the `shuser` and `shpass` cookies to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** A+ PHP Scripts News Management System (NMS) (affected versions not specified) **Description** The issue allows remote attackers to bypass authentication and gain administrator privileges. This is achieved by setting the `mobsuser` and `mobspass` cookies to 1. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** RoomPHPlanning version 1.5 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `idroom` parameter to the "weekview.php" API endpoint. **Recommendations** For RoomPHPlanning version 1.5, consider restricting access to the `weekview.php` endpoint until a patch is available. As a temporary workaround, avoid using the `idroom` parameter in the affected endpoint to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Kim Websites version 1.0 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `username` and `password` parameters in the login.php file. **Recommendations** For Kim Websites version 1.0, consider restricting access to the login.php file until a patch is available. As a temporary workaround, avoid using the `username` and `password` parameters in the login process to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** PowerNews version 2.5.4 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `newsid` parameter in the "news.php" file when `magic quotes gpc` is disabled. **Recommendations** For PowerNews version 2.5.4, consider disabling the `newsid` parameter in the "news.php" file until a patch is available, or enable `magic quotes gpc` to prevent SQL injection attacks.

**Name of the Vulnerable Software and Affected Versions** PowerClan version 1.14a **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `loginemail` parameter in the admin/index.php file. **Recommendations** For PowerClan version 1.14a, avoid using the `loginemail` parameter in the admin/index.php file until the issue is resolved. Consider restricting access to the admin/index.php file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** eDNews version 2 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved by exploiting the `newsid` parameter in the eDNews view.php file. **Recommendations** For version 2, consider restricting access to the `newsid` parameter in the eDNews view.php file to minimize the risk of exploitation. As a temporary workaround, avoid using the `newsid` parameter in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** psipuss version 1.0 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via two parameters: the `Cid` parameter to the "categories.php" endpoint or the `Username` parameter to the "login.php" endpoint. **Recommendations** For psipuss version 1.0, consider restricting access to the "categories.php" and "login.php" endpoints until a patch is available. As a temporary workaround, avoid using the `Cid` and `Username` parameters in these endpoints to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** PHP-Ring Webring System (aka uPHP ring website) version 0.9.1 **Description** The issue allows remote attackers to bypass authentication and gain administrative access. This is achieved by setting the `admin` cookie to 1, effectively allowing unauthorized access to administrative functions. **Recommendations** For PHP-Ring Webring System (aka uPHP ring website) version 0.9.1, consider temporarily disabling the administrative access functionality until a patch is available. Restrict access to the admin/wr admin.php file to minimize the risk of exploitation. Avoid relying solely on the `admin` cookie for authentication until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Dayfox Blog version 4 **Description** The issue allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the `p`, `cat`, and `archive` parameters in index.php. This can potentially be leveraged for remote file inclusion in certain environments by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL. **Recommendations** For Dayfox Blog version 4, consider restricting access to the `p`, `cat`, and `archive` parameters in index.php to minimize the risk of exploitation. As a temporary workaround, avoid using these parameters until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** WebChamado version 1.1 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `tsk id` parameter in the lista anexos.php file. **Recommendations** For WebChamado version 1.1, avoid using the `tsk id` parameter in the vulnerable lista anexos.php file until a fix is available. Consider restricting access to this file to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Kostenloses Linkmanagementscript (affected versions not specified) Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `id` parameter to API endpoints such as "view.php" and "top view.php". Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** VisualShapers ezContents version 2.0.0 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via the `contentname` parameter to "showdetails.php" and the `article` parameter to "printer.php". **Recommendations** For VisualShapers ezContents version 2.0.0, consider restricting access to the "showdetails.php" and "printer.php" scripts until a patch is available. As a temporary workaround, avoid using the `contentname` and `article` parameters in the affected API endpoints.

**Name of the Vulnerable Software and Affected Versions** Project Alumni version 1.0.9 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `id` parameter in the "info.php" file. **Recommendations** For Project Alumni version 1.0.9, consider restricting access to the "info.php" file or avoiding the use of the `id` parameter until a fix is available. As a temporary workaround, validate and sanitize all user input to prevent malicious SQL commands.

**Name of the Vulnerable Software and Affected Versions** Project Alumni version 1.0.9 **Description** A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via the `year` parameter in a news action to "index.php". **Recommendations** For Project Alumni version 1.0.9, avoid using the `year` parameter in the news action to "index.php" until the issue is resolved. As a temporary workaround, consider restricting access to the news page to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** ScriptsEZ.net Power Editor version 2.0 **Description** The issue allows remote attackers to read arbitrary local files due to multiple directory traversal vulnerabilities in the editor.php file. This is achieved by using a .. (dot dot) in the `te` and `dir` parameters within a tempedit action. **Recommendations** For ScriptsEZ.net Power Editor version 2.0, consider restricting access to the editor.php file until a patch is available, and avoid using the `te` and `dir` parameters in the tempedit action to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** ScriptsEZ.net Power Editor version 2.0 **Description** The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. The vulnerable parameters are `te` and `dir` in a 'tempedit' action. **Recommendations** For ScriptsEZ.net Power Editor version 2.0, avoid using the `te` and `dir` parameters in the 'tempedit' action until a fix is available. As a temporary workaround, consider restricting access to the editor.php file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Blogator-script version 0.95 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `id art` parameter in the ` blogadata/include/sond result.php` file. **Recommendations** For Blogator-script version 0.95, consider restricting access to the ` blogadata/include/sond result.php` file or avoid using the `id art` parameter until a patch is available.

**Name of the Vulnerable Software and Affected Versions** KnowledgeQuest version 2.6 **Description** The issue allows remote attackers to execute arbitrary SQL commands due to multiple SQL injection vulnerabilities. This is possible when the magic quotes gpc setting is disabled. The vulnerabilities can be exploited through specific parameters in various PHP files, including the `kqid` parameter in "articletext.php" and "articletextonly.php", and the `username` parameter in "logincheck.php". **Recommendations** For KnowledgeQuest version 2.6, consider disabling the `kqid` parameter in "articletext.php" and "articletextonly.php" and the `username` parameter in "logincheck.php" until a patch is available. Additionally, enabling the magic quotes gpc setting can help mitigate the risk of SQL injection attacks.