SQL injection vulnerability in news.php in DapperDesk 3.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the page parameter.
https://exchange.xforce.ibmcloud.com/vulnerabilities/24354
http://pridels0.blogspot.com/2005/11/dapperdesk-30x-page-sql-inj.html