Sql injection

SQL injection vulnerability in castingview.php in Modelbook allows remote attackers to execute arbitrary SQL commands via the adnum parameter...