Efestech · Efestech Shop · CVE-2008-3030
**Name of the Vulnerable Software and Affected Versions**
EfesTECH Shop version 2.0
**Description**
The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `cat id` parameter in an "urunler" action in the default.asp file.
**Recommendations**
For EfesTECH Shop version 2.0, consider restricting access to the default.asp file until a patch is available, and avoid using the `cat id` parameter in the urunler action to minimize the risk of exploitation.