SQL injection vulnerability in saralblog 1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter to viewprofile.php.
https://exchange.xforce.ibmcloud.com/vulnerabilities/23484
http://www.vupen.com/english/advisories/2005/2752
http://pridels0.blogspot.com/2005/12/saralblog-v1-sql-inj-vuln.html