SQL injection vulnerability in search.php in 4images 1.7.x allows remote authenticated users to execute arbitrary SQL commands via the search_user parameter.
secunia.com/advisories/22349
securityreason.com/securityalert/1711
securitytracker.com/id?1017074
w4ck1ng.com/board/showthread.php?t=1037
www.securityfocus.com/archive/1/448022/100/0/threaded
www.securityfocus.com/bid/20394
www.vupen.com/english/advisories/2006/3974
exchange.xforce.ibmcloud.com/vulnerabilities/29389
www.exploit-db.com/exploits/2487