SQL injection vulnerability in the web component in Cisco Unified MeetingPlace 7.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCtx08939.
http://www.cisco.com/en/US/docs/voice_ip_comm/meetingplace/7_1/english/release_notes/mp71rn.html