CVE-2008-6093

Name of the Vulnerable Software and Affected Versions Noname CMS version 1.0

Description The issue allows remote attackers to execute arbitrary SQL commands. This is possible via the file id parameter in a "detailansicht" action and the kategorie parameter in a "kategorien" action when magic quotes gpc is disabled.

Recommendations For Noname CMS version 1.0, consider disabling the detailansicht and kategorien actions until a patch is available, or restrict access to these actions to minimize the risk of exploitation. Additionally, enable magic quotes gpc to prevent SQL injection attacks.