Camfrog.com suffers from a remote SQL injection vulnerability

Millions of accounts are exposed

Vulnerable parameter: popular.php?orderby=&st=dir&r=&cg=

Available database: information_schema, cf, cf_gift, cf_image, cf_online

Users password are in CLEAR TEXT !!!

More on http://unu1234567.wordpress.com/2009/08/24/camfrog-com-sql-injection-full-database-acces/