SQL injection vulnerability in filemgmt/singlefile.php in Geeklog 1.3.8 allows remote malicious users to execute arbitrary SQL commands via the lid parameter.
geeklog geeklog 1.3.8