CVE-2014-5089 Information

Description

SQL injection vulnerability in admin/options/logs.php in Status2k allows remote authenticated administrators to execute arbitrary SQL commands via the log parameter.

Reference

http://packetstormsecurity.com/files/127719/Status2k-XSS-SQL-Injection-Command-Execution.html