CVE-2007-3684
Affected software: Unobtrusive Ajax Star Rating Bar before 1.2.0. Root cause: SQL injection in the (1) q and (2) t parameters in (a) db.php and (b) rpc.php. Impact: remote attackers can execute arbitrary SQL commands. Mitigation: upgrade to version 1.2.0 or later (apply patch).