SQL injection vulnerability in comments.php in Simplog 0.9.3.1 allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
simplog simplog 0.9.3.1