SQL injection vulnerability in index.php in w-Agora 4.2.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the cat parameter.
w-agora w-agora