SQL injection vulnerability in index.php in iSupport 1.06 allows remote malicious users to execute arbitrary SQL commands via the include_file parameter.
idevspot isupport 1.06