Shuya Ueki

**Name of the Vulnerable Software and Affected Versions** Corega CG-WLBARGMH (affected versions not specified) Corega CG-WLBARGNL (affected versions not specified) **Description** A cross-site scripting issue allows remote attackers to inject arbitrary web script or HTML. **Recommendations** For Corega CG-WLBARGMH, at the moment, there is no information about a newer version that contains a fix for this issue. For Corega CG-WLBARGNL, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Rocomotion P forum versions prior to 1.28 **Description** A directory traversal issue allows remote attackers to read arbitrary files. The vulnerability is present in the Pforum.php file and can be exploited via directory traversal sequences in unspecified vectors. **Recommendations** For versions prior to 1.28, update to version 1.28 or later to resolve the issue. As a temporary workaround, consider restricting access to the Pforum.php file until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Roundcube Webmail versions 0.2.2 and earlier **Description** A cross-site request forgery (CSRF) issue allows remote attackers to hijack the authentication of users for requests that modify user information. **Recommendations** For versions 0.2.2 and earlier, update to a version later than 0.2.2 to resolve the issue.

Name of the Vulnerable Software and Affected Versions: Under Construction, Baby (UCB) PC2M versions 0.9.22.4 and earlier Description: A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML. This can be achieved via unknown vectors. Recommendations: For versions 0.9.22.4 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** High Norm Sound Master 2nd version 1.0 **Description** The issue allows remote attackers to inject arbitrary web script or HTML, potentially leading to cross-site scripting (XSS) attacks. This could enable attackers to execute malicious scripts on the victim's browser, steal sensitive information, or perform unauthorized actions. **Recommendations** For High Norm Sound Master 2nd version 1.0, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** DIC shop v50 versions 3.0 and earlier DIC shop v52 versions 2.0 and earlier **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. **Recommendations** For DIC shop v50 versions 3.0 and earlier, update to a version later than 3.0. For DIC shop v52 versions 2.0 and earlier, update to a version later than 2.0.

Name of the Vulnerable Software and Affected Versions: LunarNight Laboratory WebProxy versions 1.7.8 and earlier Description: A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Recommendations: For versions 1.7.8 and earlier, update to a version later than 1.7.8 to resolve the issue.