SQL injection vulnerability in the ticket grid in the admin interface in LicensePal ArcticDesk before 1.2.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
http://www.arcticdesk.com/support/announcements/arcticdesk-v1-2-5-maintenance-release-18.html