CVE-2007-3549
CVE-2007-3549 describes an SQL injection in Buddy Zone 1.5: the vulnerable script is view_sub_cat.php and the flaw is exploitable via the cat_id parameter, allowing remote execution of arbitrary SQL commands. Affected software: Buddy Zone 1.5; vulnerable component: view_sub_cat.php (cat_id). Impa...