CVE-2008-5952

Name of the Vulnerable Software and Affected Versions KTP Computer Customer Database (KTPCCD) CMS (affected versions not specified)

Description The issue allows remote authenticated users to execute arbitrary SQL commands. This is possible via the tid parameter in a vtech action to the default URI when magic quotes gpc is disabled.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.