CVE-2005-0841

Name of the Vulnerable Software and Affected Versions phpMyFamily version 1.4.0

Description The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved through the person parameter to the "people.php" endpoint or the Login field.

Recommendations For phpMyFamily version 1.4.0, consider restricting access to the affected php files, such as people.php, track.php, edit.php, document.php, census.php, and passthru.php, until a patch is available. As a temporary workaround, avoid using the person parameter in the "people.php" endpoint and restrict the use of the Login field in the affected scripts. At the moment, there is no information about a newer version that contains a fix for this vulnerability.