SQL injection vulnerability in the public key discovery API call in Open-Xchange OX Guard before 2.0.0-rev8 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
http://www.securityfocus.com/archive/1/536523/100/0/threaded
http://packetstormsecurity.com/files/133672/Guard-2.0.0-rev7-SQL-Injection.html