Kevinoclamo

**Name of the Vulnerable Software and Affected Versions** BlogoText versions prior to 3.7.7 **Description** A cross-site scripting (XSS) issue exists due to a flaw in the `markup clean href` function. This allows remote attackers to inject arbitrary JavaScript code via a comment. **Recommendations** For versions prior to 3.7.7, update to version 3.7.7 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** BlogoText versions through 3.7.6 **Description** The issue allows attackers to bypass intended access restrictions via vectors related to an e-mail address field in the `validate form preferences` function in `admin/preferences.php`. **Recommendations** For BlogoText versions through 3.7.6, consider restricting access to the `admin/preferences.php` file until a patch is available, or apply configuration changes to limit the impact of the issue.

**Name of the Vulnerable Software and Affected Versions** BlogoText versions prior to 3.7.7 **Description** The issue allows remote attackers to read backup archives on Windows servers by defeating a filename-randomization protection mechanism. This can be achieved by providing the `archiv~1.zip` name, which is an 8.3 filename, to the `creer fichier zip` function in `admin/maintenance.php`. **Recommendations** For versions prior to 3.7.7, update to version 3.7.7 or later to resolve the issue. As a temporary workaround, consider restricting access to the `admin/maintenance.php` file to minimize the risk of exploitation. Avoid using the `archiv~1.zip` filename in the affected `creer fichier zip` function until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Cacti version 1.1.17 **Description** A cross-site scripting issue exists in the `method` parameter in `spikekill.php`. **Recommendations** For Cacti version 1.1.17, update to a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Cacti versions prior to 1.1.16 **Description** A cross-site scripting (XSS) issue exists, allowing remote authenticated users to inject arbitrary web script or HTML via specially crafted HTTP Referer headers, related to the `cancel url` variable. This issue is due to an incomplete fix that lacked the htmlspecialchars ENT QUOTES flag. **Recommendations** For versions prior to 1.1.16, update to version 1.1.16 or later to resolve the issue. As a temporary workaround, consider restricting access to the aggregate graphs.php file until a patch is applied. Avoid using specially crafted HTTP Referer headers in the affected `cancel url` variable until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Cacti versions prior to 1.1.16 **Description** The issue allows remote attackers to execute arbitrary code via the `avgnan`, `outlier-start`, or `outlier-end` parameter in the spikekill.php file. **Recommendations** For versions prior to 1.1.16, update to version 1.1.16 or later to resolve the issue. As a temporary workaround, consider restricting access to the spikekill.php file until a patch is applied. Avoid using the `avgnan`, `outlier-start`, or `outlier-end` parameters in the affected file until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Xinha version 0.96 Jojo version 4.4.0 **Description** A directory traversal issue exists, allowing remote attackers to delete any folder using directory traversal sequences in the `deld` parameter. This issue is related to the plugins/ImageManager/backend.php file in Xinha. **Recommendations** For Xinha version 0.96, avoid using the `deld` parameter in the affected API endpoint until the issue is resolved. For Jojo version 4.4.0, restrict access to the vulnerable backend.php file to minimize the risk of exploitation.