CVE-2007-0695

Name of the Vulnerable Software and Affected Versions Free LAN In(tra|ter)net Portal (FLIP) versions prior to 1.0-RC3

Description The issue allows remote attackers to execute arbitrary SQL commands. It is mentioned that the escape sqlData, implode sql, and implode sqlIn functions are protection schemes, not the vulnerable functions.

Recommendations For versions prior to 1.0-RC3, update to version 1.0-RC3 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive SQL commands until a patch is available.