CVE-2012-2925 - Stable Pimpjuice

Description

SQL injection vulnerability in engine.php in Simple PHP Agenda 2.2.8 allows remote attackers to execute arbitrary SQL commands via the priority parameter in an addTodo action.

Reference

http://www.exploit-db.com/exploits/18845 https://exchange.xforce.ibmcloud.com/vulnerabilities/75501