CVE-2009-2097
CVE-2009-2097 describes an SQL injection in Zoki Soft Zoki Catalog (aka Smart Catalog). The vulnerability affects the PHP file system/application/controllers/catalog.php, where unsafely handled input in the search_text parameter enables remote attackers to execute arbitrary SQL commands. This is ...