CVE-2008-2521 - Botchiest Berths
Description
SQL injection vulnerability in members.php in YABSoft Mega File Hosting Script (aka MFH or MFHS) 1.2 allows remote authenticated users to execute arbitrary SQL commands via the fid parameter.
Reference
http://www.securityfocus.com/bid/29167 http://secunia.com/advisories/30210 https://exchange.xforce.ibmcloud.com/vulnerabilities/42355 https://www.exploit-db.com/exploits/5598