SQL injection vulnerability in login.php in IT!CMS 2.1a and previous versions allows remote malicious users to execute arbitrary SQL commands via the Username.
martin unzner it\\!cms