T0Pp8Uzz

Name of the Vulnerable Software and Affected Versions: SimpleBoard (com simpleboard) component versions 1.0.1 and earlier for Mambo Description: The issue allows remote attackers to execute arbitrary code by uploading a file with an executable extension and an image/jpeg content type to the `image upload.php` file, and then accessing this file via a direct request to the file in `components/com simpleboard/`. Recommendations: For SimpleBoard (com simpleboard) component versions 1.0.1 and earlier, consider restricting access to the `image upload.php` file until a fix is available, and avoid uploading files with executable extensions to prevent potential code execution.

Name of the Vulnerable Software and Affected Versions: e-Commerce Plugin versions 3.4 and earlier Description: The issue allows remote attackers to execute arbitrary code by uploading a file with an executable extension to the image processing.php file in the e-Commerce Plugin for Wordpress, and then accessing it via a direct request to the file in wp-content/plugins/wp-shopping-cart/. Recommendations: For versions 3.4 and earlier, update to a version later than 3.4 to resolve the issue. As a temporary workaround, consider restricting access to the image processing.php file in the e-Commerce Plugin to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: 7Shop versions 1.1 and earlier Description: The issue allows remote attackers to execute arbitrary code by uploading a file with an executable extension to the includes/imageupload.php script, and then accessing it via a direct request to the file in images/artikel/. Recommendations: For versions 1.1 and earlier, consider disabling the image upload functionality in includes/imageupload.php until a patch is available to prevent remote attackers from executing arbitrary code. Restrict access to the images/artikel/ directory to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** xeCMS versions 1.0.0 RC2 and earlier **Description** The issue allows remote attackers to bypass authentication and access the admin panel by setting the `xecms username` cookie. This enables unauthorized access to the admin panel. **Recommendations** For xeCMS versions 1.0.0 RC2 and earlier, as a temporary workaround, consider restricting access to the admin panel until a patch is available. Avoid using the `xecms username` cookie in the affected admin.php file until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** openInvoice versions 0.90 beta and earlier **Description** The issue allows remote authenticated users to change the passwords of arbitrary users by modifying the `uid` parameter in the resetpass.php file. This can be exploited in conjunction with a separate vulnerability in auth.php to modify passwords without authentication. **Recommendations** For openInvoice versions 0.90 beta and earlier, avoid using the resetpass.php file until a patch is available. As a temporary workaround, consider restricting access to the resetpass.php file to prevent unauthorized password changes. Additionally, restrict the use of the `uid` parameter in the resetpass.php file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** openInvoice versions 0.90 beta and earlier **Description** The issue allows remote attackers to bypass authentication and gain privileges by setting the `oiauth` cookie. This can be combined with a separate vulnerability in `resetpass.php` to modify passwords for arbitrary users. **Recommendations** For openInvoice versions 0.90 beta and earlier, consider disabling the authentication mechanism that uses the `oiauth` cookie until a patch is available. Restrict access to the `resetpass.php` file to minimize the risk of exploitation. Avoid using the `oiauth` cookie for authentication purposes until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** 2532designs 2532|Gigs versions 1.2.2 and earlier **Description** The issue allows remote attackers to trigger a backup and obtain sensitive information via a direct request to "backup.php", which creates "backup.sql" under the web root with insufficient access control. **Recommendations** For versions 1.2.2 and earlier, restrict access to the "backup.php" file to minimize the risk of exploitation. Consider implementing proper access control mechanisms to prevent unauthorized creation of backup files.

**Name of the Vulnerable Software and Affected Versions** Vastal I-Tech Software Zone (affected versions not specified) **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `cat id` parameter in the view product.php file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Simple Customer version 1.2 **Description** A SQL injection issue allows remote attackers to execute arbitrary SQL commands. This is achieved by manipulating the `id` parameter in the contact.php file. **Recommendations** For version 1.2, consider restricting access to the contact.php file or validating and sanitizing the `id` parameter to prevent SQL injection attacks. As a temporary workaround, avoid using the `id` parameter in the contact.php file until a patch is available.

**Name of the Vulnerable Software and Affected Versions** AJ Article version 1.0 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `artid` parameter in a search detail action, specifically targeting the featured article.php file. **Recommendations** For AJ Article version 1.0, consider restricting access to the `artid` parameter in the featured article.php file to minimize the risk of exploitation. As a temporary workaround, avoid using the `artid` parameter in search detail actions until a patch is available.

**Name of the Vulnerable Software and Affected Versions** AJ Square ZeusCart versions 2.0 and earlier **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `cid` parameter in the category list.php file. **Recommendations** For AJ Square ZeusCart versions 2.0 and earlier, consider restricting access to the category list.php file until a patch is available. As a temporary workaround, avoid using the `cid` parameter in the affected file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** AJ Auction versions 6.2.1 and earlier **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `item id` parameter in the classifide ad.php file. **Recommendations** For AJ Auction versions 6.2.1 and earlier, update to a version later than 6.2.1 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** CCleague Pro version 1.2 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `u` parameter in the "admin.php" endpoint. **Recommendations** For CCleague Pro version 1.2, consider restricting access to the "admin.php" endpoint until a patch is available. As a temporary workaround, avoid using the `u` parameter in the affected endpoint to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** CCleague Pro version 1.2 **Description** The issue allows remote attackers to bypass authentication. This is achieved by setting the `type` cookie value to `admin` in the `admin.php` file. **Recommendations** For CCleague Pro version 1.2, consider restricting access to the `admin.php` file until a patch is available. As a temporary workaround, avoid using the `type` cookie or restrict its value to prevent unauthorized access.

**Name of the Vulnerable Software and Affected Versions** WebCards version 1.3 **Description** A SQL injection issue exists, allowing remote attackers to execute arbitrary SQL commands. This occurs when the `magic quotes gpc` setting is disabled, and the issue is exploited via the `user` parameter. **Recommendations** For WebCards version 1.3, consider disabling the `admin.php` script or restricting access to it until a fix is available. Additionally, enabling `magic quotes gpc` may help mitigate the risk, but this should be done with caution as it may have other security implications.

**Name of the Vulnerable Software and Affected Versions** WebCards version 1.3 **Description** The issue concerns an unrestricted file upload vulnerability in the "Add Image Macro" feature. This allows remote authenticated administrators to execute arbitrary code by uploading a file with an executable extension and then accessing it via a direct request to the uploaded file. **Recommendations** For WebCards version 1.3, consider disabling the "Add Image Macro" feature until a patch is available to prevent exploitation. Restrict access to file uploads to minimize the risk of arbitrary code execution.

Name of the Vulnerable Software and Affected Versions: Mole Group Lastminute Script version 4.0 Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `cid` parameter in the "index.php" endpoint. Recommendations: For version 4.0, consider restricting access to the `cid` parameter in the "index.php" endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Mole Group Hotel Script version 1.0 Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `file` parameter in the "index.php" endpoint. Recommendations: For Mole Group Hotel Script version 1.0, avoid using the `file` parameter in the "index.php" endpoint until a fix is available. As a temporary workaround, consider restricting access to the "index.php" endpoint to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Mole Group Real Estate Script versions 1.1 and earlier Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `listing id` parameter in a "listings" action. Recommendations: For Mole Group Real Estate Script versions 1.1 and earlier, consider restricting access to the "listings" action or avoiding the use of the `listing id` parameter until a fix is available.

**Name of the Vulnerable Software and Affected Versions** EZCMS versions 1.2 and earlier **Description** The issue concerns the File Manager, which does not require authentication, allowing remote attackers to create, modify, read, and delete files. **Recommendations** For EZCMS versions 1.2 and earlier, consider restricting access to the "admin/filemanager/" endpoint until a fix is available. As a temporary workaround, implement authentication for the File Manager to prevent unauthorized access.