Sql injection

Multiple SQL injection vulnerabilities in TorrentTrader before 1.07 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to 1 account-inbox.php, 2 account-settings.php, and possibly 3 backend/functions.php...