CVE-2007-3128

Name of the Vulnerable Software and Affected Versions: WSPortal version 1.0

Description: A SQL injection issue exists in the content.php file of WSPortal, allowing remote attackers to execute arbitrary SQL commands when magic quotes gpc is disabled. This is achieved by manipulating the page parameter.

Recommendations: For WSPortal version 1.0, consider disabling the content.php file or restricting access to it until a patch is available. Additionally, enabling magic quotes gpc can help mitigate this issue.