PT-2008-4883 · Phpx · Phpx
Gnix · Published 2008-08-06 · Updated 2017-09-29 · CVE-2008-3489
CVSS v2.0: 7.5 (High)
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
PHPX version 3.5.16
Description
A SQL injection issue exists in the checkCookie function, located in includes/functions.inc.php, allowing remote attackers to execute arbitrary SQL commands by manipulating the PXL cookie.
Recommendations
For PHPX version 3.5.16, consider disabling the checkCookie function until a patch is available, to prevent exploitation. Restrict access to the includes/functions.inc.php file to minimize the risk of SQL injection attacks. Avoid using the PXL cookie in the affected function until the issue is resolved.
Exploit
Fix
SQL injection
Weakness Enumeration
Related Identifiers
Affected Products
Phpx