Awbs · Advanced Webhost Billing System · CVE-2011-0510
**Name of the Vulnerable Software and Affected Versions**
Advanced Webhost Billing System (AWBS) versions 2.9.2 and earlier
**Description**
The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `oid` parameter in an "add other" action in the cart.php file.
**Recommendations**
For Advanced Webhost Billing System (AWBS) versions 2.9.2 and earlier, consider restricting access to the cart.php file until a patch is available. As a temporary workaround, avoid using the `oid` parameter in the "add other" action to minimize the risk of exploitation.