CVE-2006-0809

Name of the Vulnerable Software and Affected Versions Skate Board version 0.9

Description The issue allows remote attackers to execute arbitrary SQL commands. This is possible via the usern parameter in the "sendpass.php" endpoint, and the usern and passwd parameters, as well as the sf cookie cookie in the "login.php" and "logged.php" endpoints.

Recommendations For Skate Board version 0.9, consider restricting access to the "sendpass.php", "login.php", and "logged.php" endpoints until a patch is available. As a temporary workaround, avoid using the usern and passwd parameters in these endpoints. Additionally, restrict the use of the sf cookie cookie to minimize the risk of exploitation.