The-Insider

**Name of the Vulnerable Software and Affected Versions** Gallery 2.0 Alpha **Description** The issue allows remote attackers to gain sensitive information by modifying the `g2 subView` parameter in the `main.php` file, which reveals the path in an error message. **Recommendations** For Gallery 2.0 Alpha, consider restricting access to the `main.php` file or avoiding the use of the `g2 subView` parameter until a fix is available.

**Name of the Vulnerable Software and Affected Versions** Gallery version 1.3.4-pl1 **Description** The issue allows remote attackers to inject arbitrary web script or HTML, potentially leading to cross-site scripting (XSS) attacks. This can be achieved through various fields in different scripts, including the index field in `add comment.php`, `set albumName`, `slide index`, `slide full`, `slide loop`, `slide pause`, `slide dir` fields in `slideshow low.php`, or the `username` field in `search.php`. **Recommendations** For Gallery version 1.3.4-pl1, consider disabling the affected scripts (`add comment.php`, `slideshow low.php`, `search.php`) or restricting access to them until a patch is available. Avoid using the vulnerable fields (`index`, `set albumName`, `slide index`, `slide full`, `slide loop`, `slide pause`, `slide dir`, `username`) in the respective scripts to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** WinHKI version 1.4d **Description** A directory traversal issue allows remote attackers to overwrite arbitrary files by including a .. (dot dot) in a zip file. **Recommendations** For WinHKI version 1.4d, consider updating to a newer version that addresses this issue, if available. As a temporary workaround, restrict the handling of zip files to prevent potential exploitation.

**Name of the Vulnerable Software and Affected Versions** Gallery version 2.0 Alpha **Description** A cross-site scripting issue exists, allowing remote attackers to inject arbitrary web script or HTML. This is achieved via the `g2 form[subject]` field in the login.php file. **Recommendations** For Gallery version 2.0 Alpha, consider restricting access to the login.php file until a fix is available, and avoid using the `g2 form[subject]` field in the affected API endpoint. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Internet Explorer version 6 on Windows XP SP2 **Description** The issue allows remote attackers to bypass the file download warning dialog, potentially tricking users into executing arbitrary code. This can be achieved through a web page containing a body element with an onclick tag, utilizing the createElement function. **Recommendations** For Internet Explorer 6 on Windows XP SP2, consider disabling the onclick functionality in the body element as a temporary workaround until a patch is available. Restrict access to web pages that utilize the createElement function to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** FREESCO version 2.05 **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the `test` parameter. This can lead to the execution of malicious scripts on the victim's browser. **Recommendations** For FREESCO version 2.05, consider restricting access to the vulnerable parameter `test` to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** VocalTec VGW4/8 Gateway version 8.0 **Description** A directory traversal issue allows remote attackers to read protected files by using .. (dot dot) sequences in an HTTP request. This has been demonstrated using the home.asp file. **Recommendations** For VocalTec VGW4/8 Gateway version 8.0, consider restricting access to sensitive files and directories to minimize the risk of exploitation until a patch is available. As a temporary workaround, limit the use of HTTP requests that contain .. (dot dot) sequences.

**Name of the Vulnerable Software and Affected Versions** Panda ActiveScan version 5.0 **Description** The issue allows remote attackers to execute arbitrary code via the `Internacional` property followed by a long string, which leads to a buffer overflow in the `ascontrol.dll` component. **Recommendations** For Panda ActiveScan version 5.0, consider updating to a newer version that addresses this issue, as the current version is affected by the buffer overflow in `ascontrol.dll`. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Mcafee FreeScan (affected versions not specified) **Description** The issue allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long string in the `ScanParam` property of a COM object. This may trigger a buffer overflow. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** WebcamXP version 1.06.945 **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary HTML or web script as other users via a specially crafted URL. This could potentially lead to unauthorized actions being taken on behalf of other users. **Recommendations** For WebcamXP version 1.06.945, update to a newer version that contains a fix for this issue. As a temporary workaround, consider restricting access to the application to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** GeoHttpServer (affected versions not specified) **Description** The issue allows remote attackers to cause a denial of service, potentially triggering a buffer overflow, by sending a long `pwd` parameter to the sysinfo script. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Novell NetWare Enterprise Web Server versions 5.1 through 6.0 **Description** The issue allows remote attackers to read arbitrary .htt files by providing a full pathname in the `error` parameter of the webacc servlet. **Recommendations** For Novell NetWare Enterprise Web Server versions 5.1 through 6.0, consider restricting access to the webacc servlet to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Oracle HTTP Server version 1.3.22 **Description** The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to execute arbitrary scripts as other users. The exploitation is possible via the `action`, `username`, or `password` parameters in an isqlplus request. **Recommendations** For Oracle HTTP Server version 1.3.22, update to a version that includes the fix for this issue to prevent exploitation.

**Name of the Vulnerable Software and Affected Versions** Borland Web Server versions 1.0b3 and earlier **Description** The issue allows remote attackers to read and download arbitrary files due to multiple directory traversal vulnerabilities. This can be achieved via multi-dot "......" sequences or "%5c%2e%2e" (encoded "..") sequences in the URL. **Recommendations** For Borland Web Server versions 1.0b3 and earlier, consider restricting access to sensitive files and directories as a temporary workaround until a patch is available. Avoid using the vulnerable URL patterns in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Nextplace.com E-Commerce ASP Engine (affected versions not specified) **Description** The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. The affected API endpoints include "productdetail.asp", "searchresults.asp", and possibly "ListCategories.asp". The vulnerable parameters are the `level` parameter in "productdetail.asp" and the `searchKey` parameter in "searchresults.asp", as well as possibly the `level` parameter in "ListCategories.asp". **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** OwnServer versions 1.0 and earlier **Description** A directory traversal issue allows remote attackers to read arbitrary files by including a .. (dot dot) in a URL. **Recommendations** For OwnServer versions 1.0 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** LAN SUITE Web Mail 602Pro (affected versions not specified) **Description** The issue allows remote attackers to gain sensitive information via the mail login form. This form contains the path to the mail directory, which can be exploited to obtain sensitive data. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** BitDefender Scan Online (affected versions not specified) **Description** The issue allows remote attackers to obtain sensitive information, such as system drives and contents, or use the `RequestFile` method to download and execute arbitrary code via an object codebase that uses `bitdefender.cab`. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** LAN SUITE Web Mail 602Pro (affected versions not specified) **Description** A cross-site scripting (XSS) issue allows remote attackers to execute arbitrary script or HTML as other users via a URL to "index.html", followed by a / (slash) and the desired script. The vendor has stated that this bug could not be reproduced. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** LAN SUITE Web Mail 602Pro (affected versions not specified) **Description** The issue allows remote attackers to obtain a directory listing when the "Directory browsing" feature is enabled. This can be achieved via an HTTP request to specific endpoints, such as "index.html", "cgi-bin/", or "users/". **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.