V1Per-Hacker

**Name of the Vulnerable Software and Affected Versions** WebChat version 0.77 **Description** A remote file inclusion issue in the defines.php file of WebChat allows remote attackers to execute arbitrary PHP code by providing a URL in the `WEBCHATPATH` parameter. **Recommendations** For WebChat version 0.77, avoid using the `WEBCHATPATH` parameter in the affected API endpoint until the issue is resolved. Restrict access to the defines.php file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PhpMyCms version 0.3 **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `basepath start` parameter in the `basic.inc.php` file. **Recommendations** For PhpMyCms version 0.3, avoid using the `basepath start` parameter in the affected API endpoint until the issue is resolved. Consider restricting access to the `basic.inc.php` file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** mg.applanix versions 1.3.1 and earlier **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `apx root path` parameter to specific API endpoints, including "/act/act check access.php", "/dsp/dsp form booking ctl.php", and "/dsp/dsp bookings.php". **Recommendations** For mg.applanix versions 1.3.1 and earlier, consider restricting access to the vulnerable API endpoints "/act/act check access.php", "/dsp/dsp form booking ctl.php", and "/dsp/dsp bookings.php" to minimize the risk of exploitation. Avoid using the `apx root path` parameter in these endpoints until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GimeScripts Shopping Catalog versions 0.9.1 and earlier **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `custom` parameter. This can be achieved by manipulating the URL to include malicious PHP code, which can then be executed by the server. **Recommendations** For GimeScripts Shopping Catalog versions 0.9.1 and earlier, consider restricting access to the `index.php` file until a patch is available. As a temporary workaround, avoid using the `custom` parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** iWonder Designs Storystream version 0.4.0.0 **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `baseDir` parameter to (1) "mysql.php" and (2) "mysqli.php" in include/classes/pear/DB/. **Recommendations** For iWonder Designs Storystream version 0.4.0.0, consider restricting access to the `mysql.php` and `mysqli.php` files in the include/classes/pear/DB/ directory to minimize the risk of exploitation. Avoid using the `baseDir` parameter in these files until the issue is resolved.

Name of the Vulnerable Software and Affected Versions: Faq Administrator version 2.1b Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the `email` parameter in the faq reply.php file. Recommendations: For Faq Administrator version 2.1b, consider restricting access to the faq reply.php file or validating and sanitizing the `email` parameter to prevent remote file inclusion attacks.

Name of the Vulnerable Software and Affected Versions: phpProfiles version 2.1 Beta Description: The issue allows remote attackers to execute arbitrary PHP code. This can be achieved via a URL in the `reqpath` parameter to 'body.inc.php' and 'body blog.inc.php' in 'users/include/'; or the `usrinc` parameter in 'users/include/upload ht.inc.php'. Recommendations: For phpProfiles version 2.1 Beta, consider restricting access to the `body.inc.php` and `body blog.inc.php` files in 'users/include/' and the `upload ht.inc.php` file until a patch is available. Avoid using the `reqpath` and `usrinc` parameters in the affected files to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: ask rave versions 0.9 PR through 0.9, and other versions before 0.9b Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the `footfile` parameter. This can be achieved by manipulating the `footfile` parameter in the API endpoint, although the specific endpoint is not mentioned. Recommendations: For versions 0.9 PR through 0.9, and other versions before 0.9b, consider restricting access to the `footfile` parameter to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Download-Engine version 1.4.2 **Description** A remote file inclusion issue allows attackers to execute arbitrary PHP code via a URL in the `spaw root` parameter. This issue is likely a duplicate and may actually reside in a third-party product, SPAW Editor PHP Edition. **Recommendations** For Download-Engine version 1.4.2, consider restricting access to the `spaw control.class.php` file in the `admin/includes/spaw` directory to minimize the risk of exploitation. Avoid using the `spaw root` parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SH-News versions 3.1 and earlier **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `scriptpath` parameter to various PHP files, including "report.php", "archive.php", "comments.php", "init.php", and "news.php". **Recommendations** For SH-News versions 3.1 and earlier, consider restricting access to the `scriptpath` parameter in the affected PHP files until a patch is available. As a temporary workaround, disabling the execution of remote scripts may help mitigate the risk.

**Name of the Vulnerable Software and Affected Versions** PowerPortal version 1.3a **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `file name[]` parameter in the index.php file. **Recommendations** For PowerPortal version 1.3a, consider restricting access to the `file name[]` parameter in the index.php file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** A-Blog 2 (affected versions not specified) **Description** The issue allows remote attackers to execute arbitrary PHP code via specific parameters in various PHP files. The vulnerable parameters include `open box`, `middle box`, and `close box` in `sources/myaccount.php`, `navigation end` in `navigation/search.php` and `navigation/donation.php`, and `navigation start` and `navigation middle` in `navigation/donation.php`, `navigation/latestnews.php`, and `navigation/links.php`. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.