CVE-2006-4736

Name of the Vulnerable Software and Affected Versions CMS.R version 5.5

Description The issue concerns SQL injection vulnerabilities in the index.php file of CMS.R, allowing remote attackers to execute arbitrary SQL commands. This can be achieved via the adminname and adminpass parameters.

Recommendations For CMS.R version 5.5, consider restricting access to the index.php file until a patch is available, and avoid using the adminname and adminpass parameters in the affected API endpoint to minimize the risk of exploitation.