CVE-2008-0397
CVE-2008-0397 involves multiple SQL injection vulnerabilities in the web app aflog 1.01 (and possibly earlier). The issues allow remote attackers to execute arbitrary SQL commands through (1) the id parameter to comments.php and (2) an unspecified parameter to view.php . The vulnerability arises ...