CVE-2010-0381
CVE-2010-0381 describes an SQL injection in PHP MySpace Gold Edition (versions 8.0 and 8.10) in modules/arcade/index.php, exploitable via the gid parameter in a show_stats action. The underlying issue is improper handling of user-supplied input, allowing remote attackers to inject arbitrary SQL. ...