SQL injection vulnerability in PostCalendar 4.0.0 allows remote attackers to execute arbitrary SQL commands via search queries.
https://exchange.xforce.ibmcloud.com/vulnerabilities/14111
http://www.securityfocus.com/bid/9372
http://securitytracker.com/id?1008621
http://secunia.com/advisories/10554
http://news.postnuke.com/modules.php?op=modload&name=News&file=article&sid=2537