Priestmaster

Name of the Vulnerable Software and Affected Versions: PHPCounter version 7.2 Description: A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the `EpochPrefix` parameter. This can lead to the execution of malicious code on the victim's browser. Recommendations: For PHPCounter version 7.2, avoid using the `EpochPrefix` parameter until a patch is available. As a temporary workaround, consider validating and sanitizing all input to prevent malicious code injection.

Name of the Vulnerable Software and Affected Versions: PHPCounter version 7.2 Description: The issue allows remote attackers to obtain sensitive information via a direct request to "prelims.php", which reveals the path in an error message. Recommendations: For PHPCounter version 7.2, consider restricting access to the "prelims.php" file to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: YabbSE version 1.5.5c Description: The issue allows remote attackers to obtain sensitive information by making a direct request to "ssi examples.php", which reveals the path. Recommendations: For YabbSE version 1.5.5c, consider restricting access to the "ssi examples.php" file to prevent sensitive information disclosure until a patch is available.