Online Solutions for Educators - SQL Injection via login.asp Password Parameter
SQL injection vulnerability in login.asp in an unknown product by Online Solutions for Educators (OS4E) allows remote attackers to execute arbitrary SQL commands via the password.