CVE-2008-2521 - Botchiest Berths

Description

SQL injection vulnerability in members.php in YABSoft Mega File Hosting Script (aka MFH or MFHS) 1.2 allows remote authenticated users to execute arbitrary SQL commands via the fid parameter.

Reference

http://www.securityfocus.com/bid/29167 http://secunia.com/advisories/30210 https://exchange.xforce.ibmcloud.com/vulnerabilities/42355 https://www.exploit-db.com/exploits/5598