SQL injection vulnerability in the SRTT_GET_COUNT_BEFORE_KEY_RFC function in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
https://service.sap.com/sap/support/notes/1783795
http://www.securitytracker.com/id/1029352