https://www.exploit-db.com/exploits/22597
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200312-164

PHP-Nuke5.x到6.5版本的Downloads模块存在多个SQL注入漏洞。远程攻击者可以借助（1）getit函数的lid参数，或（2）search函数的min参数执行任意SQL命令。

source: http://www.securityfocus.com/bid/7588/info

PHP-Nuke is reportedly prone to multiple SQL injection vulnerabilities in the Downloads module. Exploitation could allow for injection of malicious SQL syntax, resulting in modification of SQL query logic or other attacks. 

http://www.example.com/modules.php?name=Downloads&d_op=getit&lid=2%20<our_code>

where <our_code> represents SQL code that can be injected.

来源:XF
名称:phpnuke-multiple-sql-injection(11984)
链接:http://xforce.iss.net/xforce/xfdb/11984
来源:BID
名称:7588
链接:http://www.securityfocus.com/bid/7588
来源:BUGTRAQ
名称:20030513MoreandMoreSQLinjectiononPHP-Nuke6.5.
链接:http://archives.neohapsis.com/archives/bugtraq/2003-05/0147.html