CVE-2014-100031

Multiple SQL injection vulnerabilities in Ganesha Digital Library (GDL) 4.2 allow remote attackers to execute arbitrary SQL commands via the id parameter in (1) download.php or (2) main.php.

Date published : 2015-01-13

http://packetstormsecurity.com/files/125464

http://secunia.com/advisories/57171