Unknown · Member Management System · CVE-2004-1843
**Name of the Vulnerable Software and Affected Versions**
Member Management System version 2.1
**Description**
The issue allows remote attackers to execute arbitrary SQL commands via the `ID` parameter to API endpoints such as "resend.asp" or "news view.asp".
**Recommendations**
For Member Management System version 2.1, avoid using the `ID` parameter in the affected API endpoints until the issue is resolved. As a temporary workaround, consider restricting access to the "resend.asp" and "news view.asp" endpoints to minimize the risk of exploitation.