SQL injection vulnerability in filemgmt/singlefile.php in Geeklog 1.3.8 allows remote attackers to execute arbitrary SQL commands via the lid parameter.Referenceshttp://www.securityfocus.com/bid/43458http://www.exploit-db.com/exploits/15091http://securityreason.com/securityalert/8457http://packetstormsecurity.org/1009-exploits/geeklog138-sql.txt
