CVE-2009-2394 Information

Description

SQL injection vulnerability in cat.php in SMSPages 1.0 in Mr.Saphp Arabic Script Mobile (aka Messages Library) 2.0 allows remote attackers to execute arbitrary SQL commands via the CatID parameter.

Reference

http://www.exploit-db.com/exploits/9027