SQL injection vulnerability in Mahara 1.1.x before 1.1.9 and 1.2.x before 1.2.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.Referenceshttp://wiki.mahara.org/Release_Notes/1.1.9http://wiki.mahara.org/Release_Notes/1.2.5https://exchange.xforce.ibmcloud.com/vulnerabilities/59995http://secunia.com/advisories/40431http://www.securityfocus.com/bid/41319
