CVE-2009-3226

Name of the Vulnerable Software and Affected Versions AlmondSoft Almond Classifieds Ads Enterprise (affected versions not specified) Almond Affiliate Network Classifieds (affected versions not specified)

Description The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the replid parameter in a "manw repl add form" action in the index.php file.

Recommendations For AlmondSoft Almond Classifieds Ads Enterprise, avoid using the replid parameter in the "manw repl add form" action until the issue is resolved. For Almond Affiliate Network Classifieds, avoid using the replid parameter in the "manw repl add form" action until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.