CVE-2010-4857

Name of the Vulnerable Software and Affected Versions CAG CMS version 0.2 Beta

Description A SQL injection issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the itemid parameter in the "click.php" file.

Recommendations For CAG CMS version 0.2 Beta, avoid using the itemid parameter in the click.php file until a fix is available. Consider restricting access to the click.php file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.