SQL injection vulnerability in index.php in AmpJuke 0.7.5 allows remote attackers to execute arbitrary SQL commands via the special parameter in a performerid action.
https://exchange.xforce.ibmcloud.com/vulnerabilities/45665
http://www.securityfocus.com/bid/31592
http://secunia.com/advisories/32168
http://packetstorm.linuxsecurity.com/0810-exploits/ampjuke-sql.txt