SQL injection vulnerability in chat/staff/default.aspx in ReadyDesk 9.1 allows remote malicious users to execute arbitrary SQL commands via the user name field.
readydesk readydesk 9.1