SQL injection vulnerability in php/leer_comentarios.php in FlashBlog allows remote attackers to execute arbitrary SQL commands via the articulo_id parameter.
https://www.exploit-db.com/exploits/5685
https://exchange.xforce.ibmcloud.com/vulnerabilities/43040
http://www.securityfocus.com/archive/1/492748/100/0/threaded