Multiple SQL injection vulnerabilities in Plogger 1.0 RC1 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) index.php or (2) gallery.php.
https://exchange.xforce.ibmcloud.com/vulnerabilities/72079
http://www.securitytracker.com/id?1027608
http://packetstormsecurity.org/files/view/108295/ploggerphotogallery-sql.txt