Security Advisory
CVE-2012-2925
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
SQL injection vulnerability in engine.php in Simple PHP Agenda 2.2.8 allows remote attackers to execute arbitrary SQL commands via the priority parameter in an addTodo action.