Inphex

**Name of the Vulnerable Software and Affected Versions** sCssBoard versions 1.0 through 1.12 **Description** The issue allows remote attackers to bypass authentication and gain administrative access. This is achieved by providing a large value of the `current user[users level]` parameter in the "admin/forums.php" endpoint. **Recommendations** For sCssBoard versions 1.0 through 1.12, as a temporary workaround, consider restricting access to the "admin/forums.php" endpoint until a patch is available. Avoid using the `current user[users level]` parameter in this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** sCssBoard versions 1.0 through 1.12 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via several parameters and actions, including the `f` parameter in a "showforum" action, the `u` parameter in a "profile" action, the `viewcat` parameter, or a combination of `scb uid` and `scb ident` cookie values. **Recommendations** For sCssBoard versions 1.0 through 1.12, consider restricting access to the affected parameters and actions until a patch is available. As a temporary workaround, avoid using the `f` parameter in "showforum" actions, the `u` parameter in "profile" actions, and the `viewcat` parameter. Additionally, restrict the use of `scb uid` and `scb ident` cookie values to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** sCssBoard versions 1.0 through 1.12 **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `inc function` parameter. This can be achieved by manipulating the API endpoint, although the specific endpoint is not mentioned. The estimated number of potentially affected devices and details about real-world incidents are not provided. **Recommendations** For sCssBoard versions 1.0 through 1.12, consider restricting access to the `inc function` parameter to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: PHPizabi version 0.848b C1 HFP1 Description: The issue is related to an unrestricted file upload vulnerability. This vulnerability can be exploited by remote attackers to upload and execute arbitrary code. The exploitation involves the `writeLogEntry` function and requires `register globals` to be enabled. Attackers can specify a filename in the `CONF[CRON LOGFILE]` parameter and provide file contents in the `CONF[LOCALE LONG DATE TIME]` parameter. Recommendations: For PHPizabi version 0.848b C1 HFP1, consider disabling the `register globals` setting to prevent exploitation. Additionally, restrict access to the `writeLogEntry` function in `system/v cron proc.php` until a patch is available. Avoid using the `CONF[CRON LOGFILE]` and `CONF[LOCALE LONG DATE TIME]` parameters in a way that could allow arbitrary file uploads.

**Name of the Vulnerable Software and Affected Versions** PHP-Nuke Platinum version 7.6.b.5 **Description** The issue allows remote attackers to obtain configuration information by making a direct request to "maintenance/index.php", which reveals settings such as `magic quotes gpc`. **Recommendations** For PHP-Nuke Platinum version 7.6.b.5, consider restricting access to the "maintenance/index.php" file to prevent unauthorized disclosure of configuration information. As a temporary workaround, limit access to this file until a more permanent solution is available.

**Name of the Vulnerable Software and Affected Versions** PHP-Nuke Platinum version 7.6.b.5 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved by exploiting the `p` parameter to `modules.php` for the Forums module, specifically targeting the `includes/dynamic titles.php` file. **Recommendations** For PHP-Nuke Platinum version 7.6.b.5, consider restricting access to the `modules.php` endpoint for the Forums module until a patch is available. As a temporary workaround, avoid using the `p` parameter in the affected API endpoint to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** MediaSlide (com mediaslide) version 0.5 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved by exploiting the `albumnum` parameter in a contact action within the index.php file of the MediaSlide component for Joomla!. **Recommendations** For version 0.5, avoid using the `albumnum` parameter in the affected API endpoint until the issue is resolved. Consider restricting access to the index.php file in the MediaSlide component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.