CVE-2008-3343

Name of the Vulnerable Software and Affected Versions MyioSoft EasyPublish version 3.0tr (trial edition)

Description The issue allows remote attackers to execute arbitrary SQL commands. This is achieved by exploiting a SQL injection vulnerability in the read parameter of a search action in the staticpages/easypublish/index.php file.

Recommendations For MyioSoft EasyPublish version 3.0tr (trial edition), consider restricting access to the read parameter in the search action until a patch is available. As a temporary workaround, avoid using the read parameter in the affected API endpoint until the issue is resolved.