Multiple SQL injection vulnerabilities in Ganesha Digital Library (GDL) 4.2 allow remote attackers to execute arbitrary SQL commands via the id parameter in (1) download.php or (2) main.php.Referenceshttps://exchange.xforce.ibmcloud.com/vulnerabilities/91554http://secunia.com/advisories/57171http://packetstormsecurity.com/files/125464
