CVE-2008-0738

Name of the Vulnerable Software and Affected Versions CandyPress versions 4.1.1.26 and earlier 4.1.x versions

Description The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via the idcust parameter to "ajax getTiers.asp" and "ajax getCust.asp" in the ajax/ directory, and the tableName parameter to "ajax/ajax tableFields.asp".

Recommendations For CandyPress versions 4.1.1.26 and earlier 4.1.x versions, consider restricting access to the vulnerable API endpoints "ajax getTiers.asp", "ajax getCust.asp", and "ajax/ajax tableFields.asp" until a patch is available. As a temporary workaround, avoid using the idcust and tableName parameters in the affected API endpoints. At the moment, there is no information about a newer version that contains a fix for this issue.