An SQL Injection vulnerabilty exists in Kreado Kreasfero 1.5 via the id parameter.
kreado kreasfero 1.5