Multiple SQL injection vulnerabilities in Link Exchange Lite allow remote attackers to execute arbitrary SQL commands via (1) the search engine field to search.asp and (2) psearch parameter to linkslist.asp.
https://exchange.xforce.ibmcloud.com/vulnerabilities/30460
http://www.vupen.com/english/advisories/2006/4656
http://www.securityfocus.com/archive/1/452256/100/0/threaded