CVE-2012-5648
Multiple SQL injection vulnerabilities in Foreman before 1.0.2 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to 1 app/models/hostext/search.rb or 2 app/models/puppetclass.rb, related to the search mechanism...