CVE-2012-4240

Publication date

2014-09-11 14:00:00

Family

mitre

State

PUBLISHED

Description

SQL injection vulnerability in modules/calendar/json.php in Group-Office community before 4.0.90 allows remote authenticated users to execute arbitrary SQL commands via the sort parameter.