SQL injection vulnerability in comment.php for GeekLog 1.3.5 and previous versions allows remote malicious users to obtain sensitive user information via the pid parameter.
geeklog geeklog