SQL injection vulnerability in classi/detail.php in PHP Classifieds Ads allows remote attackers to execute arbitrary SQL commands via the sid parameter.