CVE-2008-3166

Name of the Vulnerable Software and Affected Versions: BoonEx Ray version 3.5

Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the sIncPath parameter in the modules/global/inc/content.inc.php file when register globals is enabled.

Recommendations: For BoonEx Ray version 3.5, consider disabling the register globals setting to prevent exploitation until a patch is available. Restrict access to the modules/global/inc/content.inc.php file to minimize the risk of exploitation. Avoid using the sIncPath parameter in affected API endpoints until the issue is resolved.