CVE-2008-6655

Name of the Vulnerable Software and Affected Versions GEDCOM TO MYSQL version 2

Description The issue allows remote attackers to inject arbitrary web script or HTML via several parameters, including nom branche and nom to "php/prenom.php", nom branche to "php/index.php", and nom branche, nom, and prenom to "php/info.php".

Recommendations For GEDCOM TO MYSQL version 2, as a temporary workaround, consider restricting access to the php/prenom.php, php/index.php, and php/info.php files until a patch is available. Avoid using the nom branche, nom, and prenom parameters in the affected API endpoints until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.