SQL injection vulnerability in TestLink before 1.9.14 allows remote attackers to execute arbitrary SQL commands via the apikey parameter to lnl.php.Referenceshttp://www.securityfocus.com/archive/1/536623/100/0/threaded
