Flexcms · Flexcms · CVE-2009-1256
**Name of the Vulnerable Software and Affected Versions**
FlexCMS version 2.5
**Description**
A SQL injection issue allows remote attackers to execute arbitrary SQL commands via the `ItemId` parameter.
**Recommendations**
For FlexCMS version 2.5, consider restricting access to the `ItemId` parameter to minimize the risk of exploitation until a patch is available.