Public CVE-2014-5456 disclosure

SQL injection vulnerability in sqrl_verify.php in php-sqrl allows remote attackers to execute arbitrary SQL commands via the message parameter.