CVE-2008-5195

Name of the Vulnerable Software and Affected Versions SebracCMS (sbcms) version 0.4

Description The issue allows remote attackers to execute arbitrary SQL commands, potentially leading to data manipulation or extraction. This is achieved through SQL injection vulnerabilities in various parameters, including the recid parameter to "cms/form/read.php" and the uname parameter to "cms/index.php".

Recommendations For SebracCMS (sbcms) version 0.4, consider restricting access to the "cms/form/read.php" and "cms/index.php" endpoints until a patch is available. As a temporary workaround, avoid using the recid and uname parameters in these endpoints to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.