SQL injection vulnerability in index.php in NooTopList 1.0.0 release 17 allows remote attackers to execute arbitrary SQL commands via the (1) o or (2) sort parameters.Referenceshttp://www.systemsecure.org/ssforum/viewtopic.php?t=249http://securitytracker.com/id?1014931
