CVE-2009-2891
SQL injection vulnerability in list.php in PHP Scripts Now Riddles allows remote attackers to execute arbitrary SQL commands via the catid parameter.
Date published : 2009-08-20
http://packetstormsecurity.org/0907-exploits/riddledepot-sqlxss.txt