Trueend5

**Name of the Vulnerable Software and Affected Versions** bcoos versions 1.0.10 through 1.0.13 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `bid` parameter in the modules/banners/click.php file of the banners module. **Recommendations** For versions 1.0.10 through 1.0.13, consider restricting access to the vulnerable "click.php" file in the banners module until a patch is available. Avoid using the `bid` parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** bcoos version 1.0.10 **Description** A directory traversal issue exists, allowing remote attackers to include and execute arbitrary local files. This can be achieved by using a .. (dot dot) in the `xoopsOption[pagetype]` parameter to the default URI for modules/news/. The issue can be leveraged by uploading a file containing malicious code using legitimate product functionality, and then including that file. **Recommendations** For bcoos version 1.0.10, consider restricting access to the `include/common.php` file and the `modules/news/` endpoint to minimize the risk of exploitation. Avoid using the `xoopsOption[pagetype]` parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Mambo versions 4.6.x **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved by exploiting SQL injection vulnerabilities via the `mcname` parameter to (1) "moscomment.php" and (2) "com comment.php" API endpoints. **Recommendations** For Mambo version 4.6.x, avoid using the `mcname` parameter in the affected API endpoints until the issue is resolved. As a temporary workaround, consider restricting access to "moscomment.php" and "com comment.php" to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Mambo versions 4.6.x **Description** The issue allows remote attackers to inject arbitrary web script or HTML. This can be achieved via the query string to "index.php", which reflects the string in an error message from "mod login.php". Additionally, the `mcname` parameter to "moscomment.php" and "com comment.php" is vulnerable. **Recommendations** For Mambo version 4.6.x, consider disabling the `mod login.php` module and restricting access to "moscomment.php" and "com comment.php" until a patch is available. Avoid using the `mcname` parameter in the affected API endpoints until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** AjaxPortal version 3.0 **Description** The issue allows remote attackers to execute arbitrary SQL commands and bypass authentication. This is achieved via the `username` or `password` parameters in the loginADP function in ajaxp.php. **Recommendations** For AjaxPortal version 3.0, consider restricting access to the loginADP function in ajaxp.php until a patch is available. As a temporary workaround, avoid using the `username` and `password` parameters in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Geeklog versions 1.4.0sr2 and earlier **Description** The issue is related to a cross-site scripting (XSS) vulnerability. It allows remote attackers to inject arbitrary HTML or web script via the `image` argument in a "show" action. **Recommendations** For Geeklog versions 1.4.0sr2 and earlier, consider disabling the `getimage.php` script until a patch is available. Restrict access to the `getimage.php` script to minimize the risk of exploitation. Avoid using the `image` argument in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Geeklog versions 1.4.0sr2 and earlier **Description** The issue allows remote attackers to execute arbitrary SQL commands and bypass authentication. This is achieved via the `loginname` parameter in the admin/auth.inc.php file. **Recommendations** For Geeklog versions 1.4.0sr2 and earlier, consider updating to a version later than 1.4.0sr2 to resolve the issue. As a temporary workaround, restrict access to the admin/auth.inc.php file to minimize the risk of exploitation. Avoid using the `loginname` parameter in the affected file until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Geeklog versions 1.4.0sr2 and earlier **Description** The issue allows remote attackers to obtain the full installation path via a direct request and possibly invalid arguments to (1) "layout/professional/functions.php" or (2) "getimage.php". **Recommendations** For Geeklog versions 1.4.0sr2 and earlier, consider restricting access to the "layout/professional/functions.php" and "getimage.php" files until a patch is available.

**Name of the Vulnerable Software and Affected Versions** phpwcms version 1.2.5-DEV **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the `BL[be cnt plainhtml]` parameter to the "include/inc tmpl/content/cnt6.inc.php" endpoint. **Recommendations** For phpwcms version 1.2.5-DEV, avoid using the `BL[be cnt plainhtml]` parameter in the affected endpoint until the issue is resolved. Restrict access to the include/inc tmpl/content/cnt6.inc.php file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** phpwcms version 1.2.5-DEV **Description** A directory traversal issue exists, allowing remote attackers to include arbitrary local files. This is achieved by using .. (dot dot) sequences in the `spaw root` parameter. The issue is actually related to the SPAW Editor PHP Edition. **Recommendations** For phpwcms version 1.2.5-DEV, as a temporary workaround, consider restricting access to the `spaw control.class.php` file until a patch is available. Avoid using the `spaw root` parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GuppY version 4.5.11 **Description** A directory traversal issue exists, allowing remote attackers to overwrite arbitrary files. This is achieved by using a "%2E." (mixed encoding) in the `pg` parameter of the dwnld.php file. **Recommendations** For GuppY version 4.5.11, consider restricting access to the dwnld.php file until a patch is available. As a temporary workaround, avoid using the `pg` parameter in the dwnld.php file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** MyTopix version 1.2.3 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `mid` and `keywords` parameters in the "search.php" endpoint. **Recommendations** For MyTopix version 1.2.3, consider restricting access to the `search.php` endpoint until a patch is available, and avoid using the `mid` and `keywords` parameters in this endpoint to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** MyTopix version 1.2.3 **Description** The issue allows remote attackers to obtain the installation path via a direct request to "logon.mod.php", which leaks the path in an error message. **Recommendations** For MyTopix version 1.2.3, consider restricting access to the "logon.mod.php" file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MyTopix version 1.2.3 **Description** The issue allows remote attackers to obtain the installation path via an invalid `hl` parameter to "index.php", leading to path disclosure. This could be related to invalid SQL syntax. **Recommendations** For MyTopix version 1.2.3, consider restricting access to the "index.php" endpoint until a patch is available, and avoid using the `hl` parameter in this endpoint to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Beehive Forum versions 0.6.2 and earlier **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `user sess` parameter in the "index.php" endpoint. **Recommendations** For Beehive Forum versions 0.6.2 and earlier, consider restricting access to the `user sess` parameter in the "index.php" endpoint until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ThWboard versions prior to 3 Beta 2.84 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via the `year` parameter in "calendar.php", the `user` parameter array in "v profile.php", and the `userid` parameter in "misc.php". **Recommendations** For ThWboard versions prior to 3 Beta 2.84, update to version 3 Beta 2.84 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable parameters `year`, `user`, and `userid` in the respective files until a patch is available. Avoid using these parameters in the affected API endpoints until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Mambo versions 4.5.2 through 4.5.2.3 **Description** The issue allows remote attackers to obtain the installation path of the application via a URL that causes the application to return an error. **Recommendations** For Mambo versions 4.5.2 through 4.5.2.3, update to a version that fixes this issue to prevent remote attackers from obtaining the installation path. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Chipmunk Topsites script (affected versions not specified) **Description** The issue is related to a cross-site scripting (XSS) vulnerability. It allows remote attackers to inject arbitrary web script or HTML via the `ID` parameter in the recommend.php file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Chipmunk Forum script (affected versions not specified) **Description** The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via the `forumID` parameter to several API endpoints: "newtopic.php", "quote.php", "index.php", and "reply.php". **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Chipmunk Scripts Guestbook (affected versions not specified) **Description** The issue allows remote attackers to obtain the installation path of the script by causing an error message to be displayed. This can be achieved through a URL that contains a single quote (') in the `start` parameter of "index.php". **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.