CVE-2009-2929

Name of the Vulnerable Software and Affected Versions: TGS Content Management versions 0.x

Description: The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via multiple parameters in two scripts: cms/index.php and cms/frontpage ception.php. The parameters in cms/index.php include tgs language id, tpl dir, referer, user-agent, site, option, db optimization, owner, admin email, default language, and db host. The parameters in cms/frontpage ception.php include cmd, s dir, minutes, s mask, test3 mp, test15 file1, submit, brute method, ftp server port, userfile14, subj, mysql l, action, and userfile1. Note that some parameters may only be applicable in nonstandard versions of the product, and the script name cms/frontpage ception.php might be cms/frontpage caption.php in released versions.

Recommendations: For TGS Content Management versions 0.x, consider disabling the SQL execution functionality in the cms/index.php and cms/frontpage ception.php scripts until a patch is available. Restrict access to these scripts to minimize the risk of exploitation. Avoid using the specified parameters in the affected API endpoints until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.