CVE-2012-0973
OSClass prior to 2.3.5 is vulnerable to SQL injection via the sCategory parameter in index.php. The root cause is improper handling in osc_search_category_id (hSearch.php) and findBySlug (Category.php), enabling remote command execution. Evidence across sources shows CVE-2012-0973 with CVSS v2 ba...