SQL injection vulnerability in pagetopic.php in Aigaion 1.3.3 and earlier allows remote malicious users to execute arbitrary SQL commands via the topic_id parameter.