Shankar

Name of the Vulnerable Software and Affected Versions: Drupal versions prior to 5.2 Description: The issue allows remote attackers to execute arbitrary PHP code by invoking the drupal eval function through a callback parameter to the default URI. This can be achieved by including a numeric parameter with a value matching an alphanumeric parameter's hash value in the input data. For example, this can be demonstrated by the ` menu[callbacks][1][callback]` parameter. Recommendations: For versions prior to 5.2, consider disabling the `drupal eval` function as a temporary workaround until a proper fix is applied. Restrict access to the default URI to minimize the risk of exploitation. Avoid using the ` menu[callbacks][1][callback]` parameter in the affected URI until the issue is resolved.

Name of the Vulnerable Software and Affected Versions: TikiWiki version 1.9.8 Description: The issue allows remote attackers to execute arbitrary code via PHP sequences in the `f` array parameter, which are processed by the `create function` function. Recommendations: For TikiWiki version 1.9.8, consider restricting access to the `tiki-graph formula.php` file until a patch is available. As a temporary workaround, avoid using the `f` array parameter in the affected file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** WoltLab Burning Book version 1.1.2 **Description** The issue concerns SQL injection vulnerabilities in the addentry.php file. Remote attackers can execute arbitrary SQL commands via the `n` parameter and the `User-Agent` HTTP header. **Recommendations** For WoltLab Burning Book version 1.1.2, update to a version that fixes the SQL injection vulnerabilities in the addentry.php file to prevent remote attackers from executing arbitrary SQL commands.

**Name of the Vulnerable Software and Affected Versions** WoltLab Burning Book version 1.1.2 **Description** The issue allows remote attackers to execute arbitrary PHP code via crafted POST requests. This is achieved by storing PHP code in a database that is later processed by `eval()`, potentially through SQL injection via the `n` parameter. **Recommendations** For WoltLab Burning Book version 1.1.2, consider disabling the `eval()` function in the `addentry.php` file until a patch is available. Restrict access to the `addentry.php` file to minimize the risk of exploitation. Avoid using the `n` parameter in the affected POST requests until the issue is resolved.