CVE-2009-3349
Datavore Gyro 5.0 is affected by a SQL injection vulnerability in the home component’s cat action, exploitable via the cid parameter. This allows remote attackers to execute arbitrary SQL commands. The NVD entry lists a CVSS v2 base score of 7.5 (HIGH) with network attack vector and no authentica...