CVE-2008-3785

Name of the Vulnerable Software and Affected Versions MiaCMS version 4.6.5

Description The issue concerns SQL injection vulnerabilities in the com content component. Remote attackers can execute arbitrary SQL commands by manipulating the id parameter in various actions, including view, category, or blogsection actions, to the "index.php" endpoint.

Recommendations For MiaCMS version 4.6.5, consider restricting access to the id parameter in the com content component to minimize the risk of exploitation. As a temporary workaround, avoid using the id parameter in the affected actions until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.