CVE-2010-4963
SQL injection vulnerability in folder/list in Hulihan BXR 0.6.8 allows remote attackers to execute arbitrary SQL commands via the order_by parameter.
Date published : 2011-10-09
http://www.securityfocus.com/archive/1/512887/100/0/threaded