SQL injection vulnerability in profil.php in PwsPHP 1.2.2 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
pwsphp pwsphp 1.2.2