CVE-2011-1556

Name of the Vulnerable Software and Affected Versions Aphpkb version 0.95.4

Description The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the pdfa parameter in the plugins/pdfClasses/pdfgen.php plugin.

Recommendations For Aphpkb version 0.95.4, consider restricting access to the pdfgen.php plugin until a patch is available. As a temporary workaround, avoid using the pdfa parameter in the affected plugin to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.