N3W7U

**Name of the Vulnerable Software and Affected Versions** NUs Newssystem version 1.02 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `id` parameter in the Nus.php file. **Recommendations** For version 1.02, avoid using the `id` parameter in the affected Nus.php file until the issue is resolved. Restrict access to the Nus.php file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Easy-Clanpage version 2.2 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `id` parameter in a "kate" action in the gallery module of the index.php file. **Recommendations** For Easy-Clanpage version 2.2, consider restricting access to the gallery module until a patch is available. As a temporary workaround, avoid using the `id` parameter in the affected module to minimize the risk of exploitation.