CVE-2015-1513
SQL injection vulnerability in SIPhone Enterprise PBX allows remote attackers to execute arbitrary SQL commands via the Username.
Date published : 2015-02-06
http://packetstormsecurity.com/files/130194/SIPhone-Enterprise-PBX-SQL-Injection.html