CVE-2008-2977

Name of the Vulnerable Software and Affected Versions Ourvideo CMS version 9.5

Description The issue allows remote attackers to execute arbitrary PHP code via a URL in the include connection parameter to API endpoints such as "edit top feature.php" and "edit topics feature.php" in the "phpi/" directory.

Recommendations For Ourvideo CMS version 9.5, consider restricting access to the edit top feature.php and edit topics feature.php files in the "phpi/" directory to minimize the risk of exploitation. Avoid using the include connection parameter in these API endpoints until the issue is resolved.