SQL injection vulnerability in lire-avis.php in Messageriescripthp 2.0 allows remote attackers to execute arbitrary SQL commands via the aa parameter.Referenceshttp://securityreason.com/securityalert/2026http://www.securityfocus.com/bid/21513http://secunia.com/advisories/23319http://www.securityfocus.com/archive/1/453965/100/0/threaded
