SQL injection vulnerability in shop_display_products.php in Script Toko Online 5.01 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.Referenceshttps://www.exploit-db.com/exploits/7873http://secunia.com/advisories/33661http://osvdb.org/51630
