CVE-2008-6064

Name of the Vulnerable Software and Affected Versions DomPHP version 0.81

Description The issue allows remote attackers to execute arbitrary SQL commands, potentially leading to data manipulation or extraction. This can be achieved via the cat parameter to "agenda/index.php", and possibly other unspecified vectors.

Recommendations For DomPHP version 0.81, consider restricting access to the "agenda/index.php" endpoint and avoid using the cat parameter until a fix is available. As a temporary workaround, restrict access to the SQL database to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.