CVE-2014-100019 Information

Description

SQL injection vulnerability in the LTree converter in Pomm before 1.1.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Reference

http://secunia.com/advisories/56986 http://www.pomm-project.org/news/pomm-1-1-5-is-out.html http://www.securityfocus.com/bid/65711 https://exchange.xforce.ibmcloud.com/vulnerabilities/91276 https://github.com/chanmix51/Pomm/issues/122