SQL injection vulnerability in links.asp in ASPapp allows remote malicious users to execute arbitrary SQL commands via the CatId parameter.
iatek aspapp