SQL injection vulnerability in Igreks MilkyStep Light 0.94 and earlier and Professional 1.82 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
http://www.securityfocus.com/bid/75076
http://jvndb.jvn.jp/jvndb/JVNDB-2015-000081