The vulnerability allows remote attackers to inject own sql commands to compromise the vulnerable application dbms. Monstra is a simple and light-weighted Content Management System written in PHP.
Read more here – http://www.vulnerability-lab.com/get_content.php?id=1081