Pokley

**Name of the Vulnerable Software and Affected Versions** PostNuke versions 0.750 through 0.760rc4 **Description** The issue allows remote attackers to read arbitrary files due to a directory traversal vulnerability in the pnModFunc function in pnMod.php. This is achieved by including a .. (dot dot) in the `func` parameter to "index.php". **Recommendations** For PostNuke versions 0.750 through 0.760rc4, consider restricting access to the pnModFunc function in pnMod.php until a patch is available. As a temporary workaround, avoid using the `func` parameter in the "index.php" endpoint to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Neteyes Nexusway (affected versions not specified) **Description** The issue allows remote attackers to bypass authentication and gain administrator privileges by setting the `cyclone500 auth` cookie. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Neteyes Nexusway (affected versions not specified) **Description** The issue allows remote attackers to execute arbitrary commands. This is achieved by using hex-encoded shell metacharacters in the `ip` parameter for either "nslookup.cgi" or "ping.cgi" API endpoints. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Neteyes Nexusway (affected versions not specified) **Description** The issue allows remote attackers to execute arbitrary commands via shell metacharacters in arguments to certain commands. This can be demonstrated using commands such as `ping` and `traceroute`. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** RUNCMS version 1.1A **Description** The issue arises when the "Allow custom avatar upload" feature is enabled, allowing remote attackers to upload arbitrary files due to improper file verification. **Recommendations** For RUNCMS version 1.1A, consider disabling the "Allow custom avatar upload" feature until a proper fix is implemented to verify uploaded files.

**Name of the Vulnerable Software and Affected Versions** vBulletin versions 3.0.6 and earlier **Description** The issue allows remote attackers to execute arbitrary PHP code via nested variables in the `template` parameter when "Add Template Name in HTML Comments" is enabled. **Recommendations** For versions 3.0.6 and earlier, disable the "Add Template Name in HTML Comments" option to prevent exploitation. As a temporary workaround, consider restricting access to the `misc.php` file until a patch is available. Avoid using nested variables in the `template` parameter until the issue is resolved.