SQL injection vulnerability in add_ons.php in Jaow 2.4.5 and earlier allows remote attackers to execute arbitrary SQL commands via the add_ons parameter. Date p