SQL injection vulnerability in index.php in 3CFR allows remote attackers to execute arbitrary SQL commands via the LangueID parameter.Referenceshttp://www.osvdb.org/20832http://hackers.by.lv/showthread.php?p=408http://osvdb.org/ref/20/20832-3CFR-sql.txt
