SQL injection vulnerability in sources/search.php in A-Blog 2.0 allows remote malicious users to execute arbitrary SQL commands via the words parameter.
a-blog a-blog 2.0