Multiple SQL injection vulnerabilities in Land Down Under (LDU) v701 allow remote attackers to execute arbitrary SQL commands or obtain the installation path via parameters including (1) s, w, and d in users.php, (2) id in comments.php, (3) rusername in auth.php, or (4) h in plug.php.
https://exchange.xforce.ibmcloud.com/vulnerabilities/17912
http://www.securityfocus.com/bid/11569
http://www.ptsecurity.ru/advisory.asp
http://www.neocrome.net/page.php?id=1573
http://www.neocrome.net/index.php?m=single&id=91