CVE-2008-5859

SQL injection vulnerability in index.php in Constructr CMS 3.02.5 and earlier, when registerglobals is enabled and magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the showpage parameter...