CVE-2006-3270

Name of the Vulnerable Software and Affected Versions THoRCMS version 1.3.1

Description A SQL injection issue allows remote attackers to execute arbitrary SQL commands via multiple unspecified parameters, such as the add link mid parameter.

Recommendations For THoRCMS version 1.3.1, as a temporary workaround, consider restricting access to the cms admin.php file until a patch is available. Avoid using the add link mid parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.