CVE-2008-2870

Name of the Vulnerable Software and Affected Versions ShareCMS version 0.1 Beta

Description The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via the eventID parameter to "event info.php" and the userID parameter to "list user.php".

Recommendations For ShareCMS version 0.1 Beta, avoid using the eventID parameter in "event info.php" and the userID parameter in "list user.php" until the issue is resolved. Consider restricting access to these parameters to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.