SQL injection vulnerability in tourview.php in ToursManager allows remote malicious users to execute arbitrary SQL commands via the tourid parameter.
toursmanager tours manager -