Unknown · Multiple Membership Script · CVE-2008-6362
Name of the Vulnerable Software and Affected Versions:
Multiple Membership Script version 2.5
Description:
The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `id` parameter in the sitepage.php file.
Recommendations:
For version 2.5, avoid using the `id` parameter in the sitepage.php file until the issue is resolved. As a temporary workaround, consider restricting access to the sitepage.php file to minimize the risk of exploitation.