SQL injection vulnerability in rss/posts.php in Eggblog before 3.07 allows remote attackers to execute arbitrary SQL commands via the id parameter. The vendor has released version 3.0.7 of eggblog to address this issue.