CVE-2004-2751
SQL injection vulnerability in the members_list module in PostNuke 0.726, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the sortby parameter.
Date published : 2007-11-13
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2004-01/0015.html