Multiple SQL injection vulnerabilities in OlateDownload 3.4.0 allow remote attackers to execute arbitrary SQL commands via the (1) page parameter in details.php or the (2) query parameter in search.php.
https://exchange.xforce.ibmcloud.com/vulnerabilities/29294
http://www.securityfocus.com/archive/1/447424/100/0/threaded