CVE-2008-7210

Name of the Vulnerable Software and Affected Versions AJchat version 0.10

Description The issue allows remote attackers to bypass input validation and conduct SQL injection attacks. This is achieved by providing a numeric parameter with a value matching the s parameter's hash value, which prevents the associated $ GET["s"] variable from being unset.

Recommendations For AJchat version 0.10, consider implementing proper input validation to prevent SQL injection attacks. As a temporary workaround, restrict access to the directory.php file to minimize the risk of exploitation.