CVE-2014-2212
POSH (POSH portal / Portaneo) is affected by multiple CVEs in 2014. CVE-2014-2211 describes an SQL injection in portal/addtoapplication.php via the rssurl parameter, enabling remote arbitrary SQL execution for POSH versions 3.0 before 3.3.0. CVE-2014-2212 reports a separate issue where the rememb...