Hussin X

**Name of the Vulnerable Software and Affected Versions** Online Guestbook Pro (affected versions not specified) **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `display` parameter in the `ogp show.php` file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** WEBBDOMAIN Post Card (aka Web Postcards) versions 1.02, 1.01, and earlier **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `catid` parameter in the choosecard.php file. **Recommendations** For versions 1.02, 1.01, and earlier, consider restricting access to the choosecard.php file until a patch is available. Avoid using the `catid` parameter in the affected file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** SoftComplex PHP Image Gallery (affected versions not specified) **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `ctg` parameter in the "index.php" file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: 6rbScript version 3.3 Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `singerid` parameter in a "singers" action, specifically targeting the section.php file. Recommendations: For 6rbScript version 3.3, consider restricting access to the section.php file or avoiding the use of the `singerid` parameter in the singers action until a fix is available.

Name of the Vulnerable Software and Affected Versions: Hotscripts Clone (affected versions not specified) Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `cid` parameter in the showcategory.php file. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: E-topbiz AdManager version 4 Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `group` parameter in the view.php file. Recommendations: For E-topbiz AdManager version 4, avoid using the `group` parameter in the view.php file until a fix is available. As a temporary workaround, consider restricting access to the view.php file to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: SaturnCMS (affected versions not specified) Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `username` parameter to the ` userLoggedIn` function in the lib/user/t user.php file. Recommendations: As a temporary workaround, consider restricting access to the ` userLoggedIn` function until a patch is available. Avoid using the `username` parameter in the affected function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Scripts For Sites (SFS) EZ BIZ PRO (affected versions not specified) Description: A SQL injection issue exists, allowing remote attackers to execute arbitrary SQL commands. This is achieved by manipulating the `id` parameter in the track.php file. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Harlandscripts Pro Traffic One (affected versions not specified) Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `id` parameter in the poll results.php file. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Full PHP Emlak Script (affected versions not specified) **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `id` parameter in the `arsaprint.php` file, which is susceptible to SQL injection attacks. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Adult Banner Exchange Website (affected versions not specified) **Description** The issue allows remote attackers to execute arbitrary SQL commands via the `targetid` parameter in the "click.php" endpoint. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Link Trader Script (affected versions not specified) **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `lnkid` parameter in the ratelink.php file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** AvailScript Article Script (affected versions not specified) **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `v` parameter in the "view.php" file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** QuidaScript BookMarks Favourites Script (APB) (affected versions not specified) **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `id` parameter in the view group.php file. **Recommendations** For QuidaScript BookMarks Favourites Script (APB), consider restricting access to the `id` parameter in the view group.php file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Hotel Booking Reservation System (aka HBS) for Joomla! (affected versions not specified) **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved by exploiting the `id` parameter in a `showhoteldetails` action to `index.php`. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ZeeMatri version 3.0 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `adid` parameter in the bannerclick.php file. **Recommendations** For ZeeMatri version 3.0, consider restricting access to the bannerclick.php file until a patch is available. Avoid using the `adid` parameter in the affected file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** e-topbiz Number Links 1 Php Script (affected versions not specified) **Description** The issue allows remote attackers to execute arbitrary SQL commands via the `id` parameter in an edit action. This is possible due to a SQL injection vulnerability in the admin/admin catalog.php file. **Recommendations** For e-topbiz Number Links 1 Php Script, consider restricting access to the `id` parameter in the edit action to minimize the risk of exploitation. Avoid using the `id` parameter in the affected admin/admin catalog.php file until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Webmaster Marketplace (affected versions not specified) **Description** The issue allows remote attackers to execute arbitrary SQL commands via the `u` parameter in the member.php file. This can potentially lead to unauthorized access and manipulation of database content. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PHPStore Wholesales (aka Wholesale) (affected versions not specified) **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `id` parameter in the "track.php" file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PozScripts Business Directory Script (affected versions not specified) **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `cid` parameter in the "showcategory.php" file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.