SQL injection vulnerability in php/leer_comentarios.php in FlashBlog allows remote malicious users to execute arbitrary SQL commands via the articulo_id parameter.
theflashblog flashblog