CVE-2008-0280
CVE-2008-0280 describes an SQL injection in index.php of MTCMS 2.0 (and possibly earlier) that lets remote attackers inject arbitrary SQL via the (1) a or (2) cid parameter. Affected: MTCMS 2.0+. Root cause: improper input handling in index.php. Impact: potential data disclosure/alteration. Explo...