CVE-2007-3453
SQL injection vulnerability in Papoo 3.6, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the selmenuid parameter to certain components.
Date published : 2007-06-26
http://www.securityfocus.com/bid/24611
http://www.securityfocus.com/archive/1/472196/100/0/threaded