Sarbot511

**Name of the Vulnerable Software and Affected Versions** UltraPlayer Media Player version 2.112 **Description** The issue is a stack-based buffer overflow that allows remote attackers to execute arbitrary code. This is achieved by providing a long string in a .usk file. **Recommendations** For UltraPlayer Media Player version 2.112, update to a newer version that contains a fix for this issue. If no specific fix is provided for version 2.112, consider avoiding the use of .usk files until the issue is resolved. As a temporary workaround, consider restricting access to files that could potentially trigger the buffer overflow.

**Name of the Vulnerable Software and Affected Versions** Diesel Joke Site (affected versions not specified) **Description** The issue allows remote attackers to execute arbitrary SQL commands via the `id` parameter in picture category.php, which is a different vector than previously identified issues. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.