CVE-2004-1949
SQL injection vulnerability in PostNuke 7.2.6 and earlier allows remote attackers to execute arbitrary SQL via 1 the sif parameter to index.php in the Comments module or 2 timezoneoffset parameter to changeinfo.php in the YourAccount module...