Skalfa · Skalinks Exchange Script · CVE-2008-7010
**Name of the Vulnerable Software and Affected Versions**
Skalfa Software SkaLinks Exchange Script version 1.5
**Description**
The issue allows remote attackers to gain privileges by adding new administrators. This is achieved through a direct request to the "admin/register.php" API endpoint.
**Recommendations**
For Skalfa Software SkaLinks Exchange Script version 1.5, consider restricting access to the "admin/register.php" endpoint until a patch is available. As a temporary workaround, limit the ability to add new administrators to prevent unauthorized privilege escalation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.