Multiple SQL injection vulnerabilities in the Downloads module for PHP-Nuke 5.x through 6.5 allow remote attackers to execute arbitrary SQL commands via the (1) lid parameter to the getit function or the (2) min parameter to the search function.Referenceshttps://exchange.xforce.ibmcloud.com/vulnerabilities/11984http://www.securityfocus.com/bid/7588http://archives.neohapsis.com/archives/bugtraq/2003-05/0147.html
