A-Blog V.2 (id) XSS / Remote SQL Injection Exploit :: 2008-02-03
Download

http://www.exploit-db.com/exploits/5050/