CVE-2008-4642
AstroSPACES profile.php SQL Injection: in version 1.1.1, the id parameter in a view action is unvalidated, enabling remote attackers to inject arbitrary SQL via the vulnerable query. The issue is documented with a CVSSv2 base score of 7.5 (HIGH) and vector AV:N/AC:L/Au:N/C:P/I:P/A:P. Connected so...