Etere EtereWeb before 28.1.20 has a pre-authentication blind SQL injection in the POST parameters txUserName and txPassword.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected