TWIG 2.6.2 and earlier allows remote attackers to perform unauthorized database operations via a SQL injection attack on the id parameter.Referenceshttp://www.securityfocus.com/bid/2791http://twig.screwdriver.net/index.php3http://www.iss.net/security_center/static/6619.phphttp://archives.neohapsis.com/archives/bugtraq/2001-05/0260.html
