CVE-2008-6263

Name of the Vulnerable Software and Affected Versions: SaturnCMS (affected versions not specified)

Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the username parameter to the userLoggedIn function in the lib/user/t user.php file.

Recommendations: As a temporary workaround, consider restricting access to the userLoggedIn function until a patch is available. Avoid using the username parameter in the affected function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.