Uid0

Name of the Vulnerable Software and Affected Versions: SQuery versions 4.5 and earlier Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the `libpath` parameter. This occurs when `register globals` is disabled. Recommendations: For SQuery versions 4.5 and earlier, consider disabling the `libpath` parameter or restricting its use until a patch is available. Additionally, enabling `register globals` may prevent the issue, but this should be done with caution due to potential security implications of enabling this setting. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** KnowledgebasePublisher version 1.2 **Description** The issue allows remote attackers to include and execute arbitrary PHP code via a URL in the `dir` parameter in PageController.php. **Recommendations** For KnowledgebasePublisher version 1.2, consider restricting access to the `dir` parameter in the PageController.php file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.