Liz0

**Name of the Vulnerable Software and Affected Versions** Sergey Korostel PHP Upload Center (affected versions not specified) **Description** The issue allows remote attackers to execute arbitrary PHP code by uploading a file with a name that ends in a .php.li extension. This file can then be accessed from the upload directory, potentially leading to code execution. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PHP Advanced Transfer Manager versions 1.00 through 1.30 **Description** The issue allows remote attackers to download sensitive information, including password hashes, due to insufficient access control. This is possible because the sensitive data is stored under the web root, making it accessible via a direct request for a "users/[USERNAME]" file. **Recommendations** For PHP Advanced Transfer Manager versions 1.00 through 1.30, consider restricting access to the sensitive files stored under the web root to minimize the risk of exploitation. As a temporary workaround, limit direct requests to the "users/[USERNAME]" file until a proper fix is applied. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** N8cms versions 1.1 through 1.2 **Description** The issue allows remote attackers to inject arbitrary web script or HTML, potentially resulting from SQL injection. This can be achieved via the `dir` and `page id` parameters to "index.php" and the `userid` parameter to "mailto.php". **Recommendations** For versions 1.1 and 1.2, consider restricting access to the `index.php` and `mailto.php` files until a patch is available. As a temporary workaround, avoid using the `dir`, `page id`, and `userid` parameters in the affected API endpoints.

**Name of the Vulnerable Software and Affected Versions** ADP Forum versions 2.0 through 2.0.3 **Description** The issue allows remote attackers to obtain user credentials due to sensitive information being stored in plaintext files under the web document root with insufficient access control. This can be achieved via requests to the "forum/users" directory. **Recommendations** For ADP Forum versions 2.0 through 2.0.3, consider restricting access to the forum/users directory to minimize the risk of exploitation. As a temporary workaround, limit access to sensitive information stored in plaintext files under the web document root until a proper fix is applied.