CVE-2008-10004

Name of the Vulnerable Software and Affected Versions Email Registration versions 5.x-2.1

Description A critical issue affects the email registration user function of the email registration.module file. The manipulation of the namenew argument leads to SQL injection. The attack can be initiated remotely. Upgrading to version 6.x-1.0 addresses this issue.

Recommendations For Email Registration version 5.x-2.1, upgrade to version 6.x-1.0 to resolve the issue. As a temporary workaround, consider restricting the use of the email registration user function until the upgrade is applied.