CVE-2008-2479

Name of the Vulnerable Software and Affected Versions: phpFix version 2.0

Description: The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via the kind parameter to "fix/browse.php" and the account parameter to "auth/00 pass.php".

Recommendations: For phpFix version 2.0, consider restricting access to the "fix/browse.php" and "auth/00 pass.php" endpoints until a patch is available. As a temporary workaround, avoid using the kind and account parameters in the affected API endpoints.