CVE-2008-3945

Name of the Vulnerable Software and Affected Versions Words tag version 1.2

Description A SQL injection issue allows remote attackers to execute arbitrary SQL commands. This is achieved by manipulating the word parameter in a claim action.

Recommendations For version 1.2, update the index.php file to properly sanitize the word parameter to prevent SQL injection attacks. As a temporary workaround, consider restricting access to the claim action until a patch is available.