CVE-2002-2252

Name of the Vulnerable Software and Affected Versions: Thatware versions 0.5.0 and earlier

Description: A SQL injection issue allows remote attackers to execute arbitrary SQL commands via a base64-encoded user parameter in the auth.inc.php file.

Recommendations: For versions 0.5.0 and earlier, update to a version later than 0.5.0 to resolve the issue. As a temporary workaround, consider restricting access to the auth.inc.php file to minimize the risk of exploitation. Avoid using the user parameter in the affected API endpoint until the issue is resolved.