CVE-2013-7139 Information

Description

SQL injection vulnerability in download.php in Horizon Quick Content Management System (QCMS) 4.0 and earlier allows remote to execute arbitrary SQL commands via the category parameter.

Reference

http://www.securityfocus.com/bid/64715 https://www.htbridge.com/advisory/HTB23191