Index: /branches/2.1/include/section_init.inc.php
===================================================================
--- /branches/2.1/include/section_init.inc.php	(revision 6669)
+++ /branches/2.1/include/section_init.inc.php	(revision 6905)
@@ -62,4 +62,8 @@
     break;
   }
+  
+  // the $_GET keys are not protected in include/common.inc.php, only the values
+  $rewritten = pwg_db_real_escape_string($rewritten);
+  
   $page['root_path'] = PHPWG_ROOT_PATH;
 }