CVE-2008-6427
SQL injection vulnerability in index.php in Hivemaker Professional 1.0.2 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cid parameter.
Date published : 2009-03-06
http://www.securityfocus.com/archive/1/492917/100/0/threaded