SQL injection vulnerability in login.php in V-webmail 1.5.0 might allow remote malicious users to execute arbitrary SQL commands via the username parameter.
v-webmail v-webmail 1.5.0