SQL injection vulnerability in cat.php in HispaH Model Search allows remote malicious users to execute arbitrary SQL commands via the cat parameter.
hispah model search