SQL injection during authentication, SQL injection in web-link module, SQL injection in download module, access with encrypted password.
vulners.com/securityvulns/securityvulns:doc:5201
vulners.com/securityvulns/securityvulns:doc:5206