LimeSurvey Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2014-5017

SQL injection vulnerability in CPDB in application/controllers/admin/participantsaction.php in LimeSurvey 2.05 Build 140618 allows remote attackers to execute arbitrary SQL commands via the sidx parameter in a JSON request to admin/participants/sa/getParticipants_json related to a search parameter.