The vulnerability exists due to improper sanitation of input in multiple parameters within the "/ajax.php" script. A remote attacker can send a specially crafted HTTP POST request and execute arbitrary SQL queries in application’s database. The following parameter are vulnerable to SQL injection attacks: - "uid" (when "mode" is set to "add_friend"). This vulnerability require that attacker is logged-in into the application, however new user registration is open by default ; - "id" (when "mode" is set to "share_object" or "add_to_fav", and "type" is set to "video", "photo", or "collection"); - "id" (when "mode" is set to "rating" and "type" is set to "video", "photo", "collection", or "user"). This vulnerabilities require that attacker is logged-in into the application, however new user registration is open by default; - "id" (when "mode" is set to "flag_object" and "type" is set to "video", "group", "user", "photo", or "collection"); - "cid" (when "mode" is set to "add_new_item" or "remove_collection_item" and "type" is set to "video" or "photo"); - "cid" (when "mode" is set to "remove_collection_item" and "type" is set to "collection");