webTareas 2.4p5 exists to contain a SQL injection vulnerability via the id parameter in phasesets.php.
webtareas project webtareas 2.4