SQL injection vulnerability in mainx_a.php in E-PROMPT C BetMore Site Suite 4.0 through 4.2.0 allows remote attackers to execute arbitrary SQL commands via the bid parameter.
https://exchange.xforce.ibmcloud.com/vulnerabilities/64724
http://secunia.com/advisories/42945
http://epromptc.com/media/nwsatcl/betmore-4-2-1-software-update.html