Nagendra Kumar G

**Name of the Vulnerable Software and Affected Versions** Ripe Website Manager versions 0.8.9 and earlier **Description** The issue allows remote authenticated users to execute arbitrary SQL commands. This can be achieved through various API endpoints and parameters, including: the `id` parameter to "pages/delete page.php", "navigation/delete menu.php", and "navigation/delete item.php" in the "admin/" directory; the `menu id`, `name`, `page id`, and `url` parameters in "admin/navigation/do new item.php"; the `new menuname` parameter in "admin/navigation/do new nav.php"; and the `area1`, `name`, and `url` parameters to "admin/pages/do new page.php". Some vectors might also be reachable through the `url` and `name` parameters to "admin/navigation/new nav item.php". **Recommendations** For Ripe Website Manager versions 0.8.9 and earlier, consider disabling access to the specified API endpoints, such as "pages/delete page.php", "navigation/delete menu.php", "navigation/delete item.php", "admin/navigation/do new item.php", "admin/navigation/do new nav.php", and "admin/pages/do new page.php", until a patch is available. Restrict the use of vulnerable parameters, including `id`, `menu id`, `name`, `page id`, `url`, `new menuname`, and `area1`, in the affected endpoints to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.