FA6@L 3RROR

1 exploit Active since Jul 2008
CVE-2008-2972 EXPLOITDB text WORKING POC
KbLance - SQL Injection via cat_id Parameter
SQL injection vulnerability in index.php in KbLance allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a comment action.