CVE-2010-1923
SQL injection vulnerability in user.php in Hi Web Wiesbaden Web 2.0 Social Network Freunde Community System allows remote attackers to execute arbitrary SQL commands via the id parameter in a showgallery action.
Date published : 2010-05-12
http://packetstormsecurity.org/1005-exploits/web20snfcs-sql.txt