SQL injection vulnerability in cat.php in 6rbScript allows remote attackers to execute arbitrary SQL commands via the CatID parameter.
https://exchange.xforce.ibmcloud.com/vulnerabilities/45339
http://secunia.com/advisories/31945
http://packetstormsecurity.org/0809-exploits/6rbscriptcat-sql.txt