CVE-2007-6137
Content Injector 1.52 has a SQL injection in news.php via the cat parameter to index.php, allowing remote attackers to execute arbitrary SQL. Root cause: unsafe query construction in the affected script. Impact: confidentiality, integrity, and availability partially affected; CVSS v2 base score 7...