It's possible to execute external application in SQL request to pointbase database.
vulners.com/securityvulns/securityvulns:doc:5540
vulners.com/securityvulns/securityvulns:doc:5659