2008-06-12 01:30:00
mitre
PUBLISHED
SQL injection vulnerability in comments.php in DCFM Blog 0.9.4 allows remote attackers to execute arbitrary SQL commands via the id parameter.