CVE-2007-4163
CVE-2007-4163: Concrete SQL injection vulnerabilities in IndexScript 2.7 and 2.8 (before 20070726) allow remote attackers to execute arbitrary SQL via (1) cat_id, (2) start_id, (3) row[parent_id], and (4) row[cat_id] parameters used in include/utils.php. The show_cat.php cat_id vector is noted as...