Full title: spidaVote 1.3 (id) SQL Injection Vulnerability 
Category: web applications
Platform: php
The $_GET-Parameter 'id' is not filtered and so an attacker can inject some malicious mysql-code.

# 0day.today @ http://0day.today/