Multiple SQL injection vulnerabilities in AJ Square AJ HYIP Acme allow remote attackers to execute arbitrary SQL commands via the artid parameter to (1) acme/article/comment.php and (2) prime/article/comment.php.Referenceshttp://securityreason.com/securityalert/4240http://www.securityfocus.com/bid/30974https://exchange.xforce.ibmcloud.com/vulnerabilities/44803https://www.exploit-db.com/exploits/6350
