CVE-2011-5212

Name of the Vulnerable Software and Affected Versions Subrion CMS version 2.0.4

Description The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via the user name or password field in the admin/index.php file.

Recommendations For Subrion CMS version 2.0.4, consider updating to a newer version that contains a fix for this issue. As a temporary workaround, restrict access to the admin/index.php file to minimize the risk of exploitation. Avoid using the user name and password fields in the affected file until the issue is resolved.