CVE-2008-0801

Name of the Vulnerable Software and Affected Versions PAXXGallery (com paxxgallery) version 0.2

Description The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via the iid parameter in a view action, and possibly the userid parameter.

Recommendations For version 0.2, avoid using the iid and userid parameters in the affected API endpoint until the issue is resolved. As a temporary workaround, consider restricting access to the index.php file to minimize the risk of exploitation.