CVE-2015-2972

Multiple SQL injection vulnerabilities in Sysphonic Thetis before 2.3.0 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.

Date published : 2015-07-19

http://sysphonic.com/en/thetis/THETIS-SEC-001.html

https://github.com/sysphonic/thetis/commit/1b8234706e1294f41df42f3d1ccb71b983ffbe23