SQL injection vulnerability in demo/ads.php in Artifectx xClassified 1.2 allows remote attackers to execute arbitrary SQL commands via the catid parameter.Referenceshttp://packetstormsecurity.com/files/127370/xClassified-1.2-SQL-Injection.htmlhttp://www.securityfocus.com/bid/68438
