Pi3Ch

**Name of the Vulnerable Software and Affected Versions** ONNX versions prior to 1.21.0 **Description** ONNX contains a path traversal vulnerability via symlink that allows reading arbitrary files outside the model or user-provided directory. The vulnerability exists because the check for symlinks is ineffective, allowing a symlink to point to an arbitrary location on the file system. An attacker could provide a victim with a compressed file containing a malicious ONNX model and a symlink, which, when uncompressed and loaded, could allow the attacker to read sensitive files and environment variables from the host system. This issue is not limited to UNIX systems. **Recommendations** Update to ONNX version 1.21.0 or later.

**Name of the Vulnerable Software and Affected Versions** PHP-Fusion version 5.01 **Description** A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via the `user name` or `user pass` parameters in the setuser.php file of the Digitanium addon. **Recommendations** For PHP-Fusion version 5.01, consider disabling the setuser.php file or restricting access to it until a patch is available. Avoid using the `user name` and `user pass` parameters in the affected file until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** paFAQ versions Beta4 and possibly other versions **Description** The issue allows remote attackers to execute arbitrary SQL code. This can be achieved via several parameters to different PHP files, including `offset`, `limit`, `order`, or `orderby` to "question.php", `offset` to "answer.php", `search item` to "search.php", and `cat id`, `cid`, or `id` to "comment.php". **Recommendations** For paFAQ version Beta4, consider restricting access to the vulnerable parameters `offset`, `limit`, `order`, `orderby`, `search item`, `cat id`, `cid`, and `id` in the respective PHP files until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** paNews version 2.0b4 **Description** A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary HTML and web script. This is achieved via the `showpost` parameter in comment.php. **Recommendations** For paNews version 2.0b4, avoid using the `showpost` parameter in the comment.php file until a fix is available. As a temporary workaround, consider restricting access to comment.php to minimize the risk of exploitation.