SQL injection vulnerability in default.asp in AKY Blog allows remote malicious users to execute arbitrary SQL commands via the id parameter.
ali kenan aky blog