CVE-2015-2563
CVE-2015-2563 describes an SQL injection in the Vastal I-Tech phpVID web app (versions 0.9.9 and 1.2.3) specifically in the groups.php script. The vulnerability is triggered via the order_by parameter, allowing remote attackers to execute arbitrary SQL commands. The note indicates the cat paramet...