Advertise With Pleasure! (AWP) versions 6.6 and below suffer from a remote SQL injection vulnerability.