Public CVE-2010-4988 disclosure

SQL injection vulnerability in main.asp in Ziggurat Farsi CMS allows remote attackers to execute arbitrary SQL commands via the grp parameter.