Multiple SQL injection vulnerabilities in AAIportal prior to 1.4.0 allow remote malicious users to execute arbitrary SQL commands via unspecified vectors.
aai-portal aaiportal 1.3.2