Multiple SQL injection vulnerabilities in Tunez before 1.20-pre2 allow remote attackers to execute arbitrary SQL queries.
https://exchange.xforce.ibmcloud.com/vulnerabilities/15020
http://www.securityfocus.com/bid/9565
http://sourceforge.net/tracker/index.php?func=detail&aid=879391&group_id=2266&atid=102266