CVE-2007-0350

Name of the Vulnerable Software and Affected Versions: SmE FileMailer versions 1.21 and earlier

Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved through SQL injection vulnerabilities in the index.php and dl.php files. The vulnerable parameters are ps, us, f, and code.

Recommendations: For SmE FileMailer versions 1.21 and earlier, consider disabling the index.php and dl.php files or restricting access to them until a patch is available. Avoid using the parameters ps, us, f, and code in the affected files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.