SQL injection vulnerability in Claroline before 1.8.9 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.Referenceshttp://sourceforge.net/project/shownotes.php?release_id=575934http://www.vupen.com/english/advisories/2008/0596http://secunia.com/advisories/28942http://www.securityfocus.com/bid/27846
