CVE-2007-0339

Name of the Vulnerable Software and Affected Versions: SMe FileMailer version 1.21

Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the ps parameter in the Password field of the login form, located in the index.php file.

Recommendations: For version 1.21, consider restricting access to the login form in index.php to minimize the risk of exploitation. Avoid using the ps parameter in the Password field until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.