SQL injection vulnerability in tops_top.php in E-topbiz Million Pixels 3 allows remote attackers to execute arbitrary SQL commands via the id_cat parameter.

More... (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3204)