CVE-2006-6873

Name of the Vulnerable Software and Affected Versions: eNdonesia version 8.4

Description: The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via the did parameter in a 'viewdisk' operation or the cid parameter in 'viewlink' or 'viewcat' operations.

Recommendations: For eNdonesia version 8.4, consider restricting access to the mod.php file until a patch is available. As a temporary workaround, avoid using the did and cid parameters in the affected operations.