CVE-2007-2898
SQL injection vulnerability in includes/rating.php in 2z Project 0.9.5 allows remote attackers to execute arbitrary SQL commands via the rating parameter to index.php.
Date published : 2007-05-30
http://www.securityfocus.com/archive/1/469351/100/0/threaded