CVE-2004-1949
The CVE concerns PostNuke prior to 7.2.6 with a SQL injection vulnerability that allows remote attackers to run arbitrary SQL. The flaw is triggered by input parameters in two modules: (1) sif in index.php of the Comments module, and (2) timezoneoffset in changeinfo.php of the Your_Account module...