sqllog() format string vulnerability if SQL logging is enabled.
vulners.com/securityvulns/securityvulns:doc:15236