Arab Portal · Arab Portal 3 · CVE-2015-6519
**Name of the Vulnerable Software and Affected Versions**
Arab Portal 3 (affected versions not specified)
**Description**
The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `showemail` parameter in a signup action to the "members.php" endpoint.
**Recommendations**
For Arab Portal 3, consider restricting access to the `showemail` parameter in the signup action to members.php until a patch is available. As a temporary workaround, avoid using the `showemail` parameter in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.