SQL injection vulnerability in country_escorts.php in I-Escorts Directory Script allows remote attackers to execute arbitrary SQL commands via the country_id parameter.