SQL injection vulnerability in categos.php in the RM+Soft Gallery (rmgallery) 1.0 module for Xoops allows remote attackers to execute arbitrary SQL commands via the idcat parameter.