Maxsite · Maxsite · CVE-2008-2487
Name of the Vulnerable Software and Affected Versions:
MAXSITE versions 1.10 and earlier
Description:
A SQL injection issue allows remote attackers to execute arbitrary SQL commands via the `category` parameter in a "webboard" action.
Recommendations:
For MAXSITE versions 1.10 and earlier, update to a version later than 1.10 to resolve the issue.