Henri Salo

**Name of the Vulnerable Software and Affected Versions** OpenCart versions 1.4.7 through 1.5.5.1 **Description** The anti-traversal code implemented in the filemanager.php of OpenCart is ineffective and can be bypassed. **Recommendations** For OpenCart versions 1.4.7 through 1.5.5.1, consider restricting access to the filemanager.php until a proper fix is applied. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** TinyBrowser plugin for Joomla! versions prior to 1.5.13 **Description** The issue allows for arbitrary file upload via the upload.php file. This can potentially lead to unauthorized access and malicious activities on the affected system. **Recommendations** For versions prior to 1.5.13, update to version 1.5.13 or later to resolve the issue. As a temporary workaround, consider restricting access to the upload.php file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Joomla! versions prior to 1.5.13 **Description** The issue allows file upload and arbitrary PHP code execution through the Tiny browser in the TinyMCE 3.0 editor. **Recommendations** For versions prior to 1.5.13, update to version 1.5.13 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** phxEventManager version 2.0 beta 5 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `search terms` parameter in the "search.php" file. **Recommendations** For phxEventManager version 2.0 beta 5, consider restricting access to the "search.php" file or validating and sanitizing the `search terms` parameter to prevent SQL injection attacks. As a temporary workaround, avoid using the `search terms` parameter in the affected file until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Zenphoto versions prior to 1.4.3.4 **Description** The issue concerns a cross-site scripting (XSS) vulnerability in the `date` parameter of the `admin-news-articles.php` file. This allows for potential malicious script injection. No information is provided about the estimated number of affected devices or real-world incidents. **Recommendations** For versions prior to 1.4.3.4, update to version 1.4.3.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the `admin-news-articles.php` file or avoiding the use of the `date` parameter until the update is applied.

Name of the Vulnerable Software and Affected Versions: WordPress plugin wp-cleanfix (affected versions not specified) Description: The issue is related to Remote Code Execution in the WordPress plugin wp-cleanfix. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Joomla! com mailto versions 1.5.x through 1.5.13 **Description** The issue allows for an automated mail timeout bypass. **Recommendations** For versions 1.5.x through 1.5.13, update to a version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Joomla! core version 1.7.1 **Description** The issue allows information disclosure due to weak encryption. **Recommendations** For Joomla! core version 1.7.1, update to a version that uses stronger encryption to prevent information disclosure.

Name of the Vulnerable Software and Affected Versions: Flippy module versions 7.x-1.x before 7.x-1.2 for Drupal Description: The issue allows remote authenticated users with the permission to access content to read a link or alias to a restricted node due to improper access restriction to nodes. Recommendations: For Flippy module versions 7.x-1.x before 7.x-1.2, update to version 7.x-1.2 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: Havalite CMS version 1.1.7 Description: The issue is related to a stored XSS vulnerability. Recommendations: For Havalite CMS version 1.1.7, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ImpressPages CMS versions prior to 1.0.13 **Description** The issue concerns an unspecified remote code execution in ImpressPages CMS. The estimated number of potentially affected devices is not provided. There is no information about real-world incidents where this issue was exploited. Technical details about exploitation are not specified. **Recommendations** For versions prior to 1.0.13, update to version 1.0.13 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Jara version 1.6 **Description** The issue is a SQL injection vulnerability. **Recommendations** For Jara version 1.6, update to a version that includes a fix for this SQL injection vulnerability.

**Name of the Vulnerable Software and Affected Versions** Jara version 1.6 **Description** The issue is related to a Cross-Site Scripting (XSS) vulnerability. Cross-Site Scripting is a type of security vulnerability that occurs when an attacker is able to inject malicious scripts into a website, which are then executed by the user's browser. **Recommendations** For Jara version 1.6, update to a version that includes a fix for the XSS vulnerability, if available. As a temporary workaround, consider implementing input validation and sanitization for all user-input fields to minimize the risk of exploitation. Restrict access to sensitive areas of the application to minimize the risk of XSS attacks.

**Name of the Vulnerable Software and Affected Versions** Simple Machine Forum (SMF) versions 1.0.4 and earlier **Description** The issue allows remote attackers to inject arbitrary SQL statements, which is a type of SQL injection vulnerability. This means an attacker can execute unauthorized SQL code on the database, potentially leading to data manipulation or extraction. **Recommendations** For Simple Machine Forum (SMF) versions 1.0.4 and earlier, update to a version later than 1.0.4 to resolve the SQL injection vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PyForum version 1.0.3 **Description** A backdoor was found in PyForum where an attacker who knows a valid user email could force a password reset on behalf of that user. **Recommendations** For PyForum version 1.0.3, consider disabling the password reset feature until a patch is available to prevent exploitation. Restrict access to the password reset module to minimize the risk of unauthorized password resets. Avoid using the email address as a means of authentication in the affected password reset functionality until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Joomla! versions 1.5x through 1.5.12 **Description** The issue is related to a missing JEXEC check. There is no information provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited. **Recommendations** For Joomla! versions 1.5x through 1.5.12, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** sNews version 1.71 **Description** A Cross-Site Scripting (XSS) issue exists in the reorder administrator functions. This allows for potential malicious script execution. **Recommendations** For sNews version 1.71, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Pretty-Link WordPress plugin version 1.5.2 **Description** The issue is related to a Cross-Site Scripting (XSS) problem. XSS is a type of security vulnerability that allows an attacker to inject malicious scripts into a website, potentially leading to unauthorized access or control. **Recommendations** For Pretty-Link WordPress plugin version 1.5.2, update to a newer version that addresses the XSS issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** plow (affected versions not specified) **Description** The issue is a local buffer overflow. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Trac version 0.11.6 **Description** The issue allows an attacker to modify a ticket's status and resolution without proper permissions due to inadequate workflow permission checks. **Recommendations** For Trac version 0.11.6, update to a newer version that includes proper workflow permission checks to prevent unauthorized ticket modifications.