SQL injection vulnerability in admin/index.php in AdsDX 3.05 allows remote attackers to execute arbitrary SQL commands via the Username.Referenceshttp://www.exploit-db.com/exploits/9696
