CVE-2009-4795
CVE-2009-4795 : In Xlight FTP Server prior to 3.2.1, when ODBC authentication is enabled, remote attackers can trigger SQL injection through the USER (username) or PASS (password) commands. The underlying issue is the server processing user-supplied credentials in SQL without proper validation, a...