CVE-2010-1071

SQL injection vulnerability in profil.php in phpMDJ 1.0.3 allows remote attackers to execute arbitrary SQL commands via the id parameter.

References

http://www.exploit-db.com/exploits/11083

http://packetstormsecurity.org/1001-exploits/phpmdj103-sql.txt

http://secunia.com/advisories/33480

https://exchange.xforce.ibmcloud.com/vulnerabilities/55516

http://www.securityfocus.com/bid/37698