Ka0X

**Name of the Vulnerable Software and Affected Versions** WebLeague version 2.2.0 **Description** The issue concerns SQL injection vulnerabilities in the Admin/index.php file of WebLeague. When magic quotes gpc is disabled, remote attackers can execute arbitrary SQL commands by manipulating the `username` and `password` parameters. **Recommendations** For WebLeague version 2.2.0, consider disabling the use of the `username` and `password` parameters in the Admin/index.php file until a patch is available, or enable magic quotes gpc to prevent SQL injection attacks.

**Name of the Vulnerable Software and Affected Versions** Blue Eye CMS versions 1.0.0 and earlier **Description** The issue allows remote attackers to execute arbitrary SQL commands when the `magic quotes gpc` setting is disabled. This is achieved via the `BlueEyeCMS login` cookie parameter in the API endpoint. **Recommendations** For Blue Eye CMS versions 1.0.0 and earlier, consider disabling the use of the `BlueEyeCMS login` cookie parameter until a patch is available. Additionally, enabling `magic quotes gpc` may help mitigate the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Rianxosencabos CMS version 0.9 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `id` parameter in scripts/links.php. **Recommendations** For Rianxosencabos CMS version 0.9, avoid using the `id` parameter in the vulnerable script until a fix is available. Consider restricting access to scripts/links.php to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Free Links Directory Script (FLDS) version 1.2a **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `linkid` parameter in the "report.php" API endpoint. **Recommendations** For Free Links Directory Script (FLDS) version 1.2a, consider restricting access to the `linkid` parameter in the "report.php" endpoint until a patch is available. As a temporary workaround, avoid using the `linkid` parameter to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Addalink versions 1.0 beta 4 and earlier **Description** The issue allows remote attackers to execute arbitrary SQL commands via the `category id` parameter in the "user read links.php" file when magic quotes gpc is disabled. **Recommendations** For Addalink versions 1.0 beta 4 and earlier, consider disabling the use of the `category id` parameter in the user read links.php file until a patch is available. Restrict access to the user read links.php file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** phpRealty versions 0.03 and earlier **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `INC` parameter in the manager/static/view.php file. **Recommendations** For phpRealty versions 0.03 and earlier, update to a version later than 0.03 to resolve the issue.

Name of the Vulnerable Software and Affected Versions: SmartPPC versions (affected versions not specified) SmartPPC Pro versions (affected versions not specified) Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `idDirectory` parameter in the "directory.php" file. Recommendations: For SmartPPC, update the directory.php file to properly sanitize the `idDirectory` parameter. For SmartPPC Pro, update the directory.php file to properly sanitize the `idDirectory` parameter. As a temporary workaround, consider restricting access to the directory.php file until a patch is available.

**Name of the Vulnerable Software and Affected Versions** astatsPRO (com astatspro) version 1.0 **Description** The issue allows remote attackers to execute arbitrary SQL commands via the `id` parameter in the refer.php file. This can be exploited by sending malicious input to the vulnerable API endpoint. **Recommendations** For astatsPRO (com astatspro) version 1.0, avoid using the `id` parameter in the refer.php file until the issue is resolved. As a temporary workaround, consider restricting access to the refer.php file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** All Club CMS (ACCMS) versions 0.0.1f and earlier **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `name` parameter in the "index.php" file. **Recommendations** For All Club CMS (ACCMS) versions 0.0.1f and earlier, avoid using the `name` parameter in the "index.php" file until a fix is available. Consider restricting access to the "index.php" file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** LulieBlog versions 1.0.1 through 1.0.2 **Description** The issue allows remote attackers to accept comments, delete comments, and delete articles. This is possible due to a lack of access restriction to certain PHP files in the Admin/ directory, specifically (1) article suppr.php, (2) comment accepter.php, and (3) comment refuser.php, which can be exploited using the `id` parameter. **Recommendations** For LulieBlog versions 1.0.1 and 1.0.2, restrict access to the "article suppr.php", "comment accepter.php", and "comment refuser.php" files in the Admin/ directory to prevent unauthorized actions. As a temporary workaround, consider restricting the use of the `id` parameter in these files until a proper fix is applied.

**Name of the Vulnerable Software and Affected Versions** Agares PhpAutoVideo version 2.21 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `articlecat` parameter in the includes/articleblock.php file. **Recommendations** For Agares PhpAutoVideo version 2.21, consider restricting access to the `articlecat` parameter in the includes/articleblock.php file until a patch is available. As a temporary workaround, avoid using the `articlecat` parameter in the affected file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** TutorialCMS (aka Photoshop Tutorials) version 1.02 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `userName` parameter when magic quotes gpc is disabled. **Recommendations** For TutorialCMS (aka Photoshop Tutorials) version 1.02, consider disabling the `userName` parameter in the activate.php file until a patch is available, or enable magic quotes gpc to prevent SQL injection attacks.

**Name of the Vulnerable Software and Affected Versions** PHP Webquest version 2.6 **Description** A SQL injection issue allows remote attackers to execute arbitrary SQL commands via the `id actividad` parameter in the soporte horizontal w.php file. **Recommendations** For PHP Webquest version 2.6, avoid using the `id actividad` parameter in the soporte horizontal w.php file until a fix is available. Consider implementing input validation and sanitization for the `id actividad` parameter to prevent SQL injection attacks.

**Name of the Vulnerable Software and Affected Versions** WorkingOnWeb version 2.0.1400 **Description** A SQL injection issue exists, allowing remote attackers to execute arbitrary SQL commands. This is achieved via the `idevent` parameter in the events.php file. **Recommendations** For WorkingOnWeb version 2.0.1400, consider restricting access to the events.php file or the `idevent` parameter to minimize the risk of exploitation until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Novus version 1.0 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `nota id` parameter in the notas.asp file. **Recommendations** For Novus version 1.0, avoid using the `nota id` parameter in the notas.asp file until the issue is resolved. As a temporary workaround, consider restricting access to the notas.asp file to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: MapLab version 2.2.1 Description: The issue allows remote attackers to execute arbitrary PHP code when the `register globals` setting is enabled. This is achieved by providing a URL in the `gszAppPath` parameter. Recommendations: For MapLab version 2.2.1, consider disabling the `register globals` setting to prevent exploitation. Additionally, restrict access to the `gmapfactory/params.php` file to minimize the risk of arbitrary PHP code execution. Avoid using the `gszAppPath` parameter in the affected API endpoint until the issue is resolved.