CVE-2012-3881 - Wishy washy Catalog

Description

Multiple SQL injection vulnerabilities in RTG 0.7.4 and RTG2 0.9.2 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) 95.php (2) view.php or (3) rtg.php.

Reference

https://code.google.com/p/rtg2/issues/detail?id=35 http://www.openwall.com/lists/oss-security/2012/07/09/2