SQL injection vulnerability in home.html in Xpoze Pro 4.10 allows remote attackers to execute arbitrary SQL commands via the menu parameter.Referenceshttps://www.exploit-db.com/exploits/7432http://secunia.com/advisories/33126http://www.securityfocus.com/bid/32789
