SQL injection vulnerability in Badger Meter Monitool affecting versions 4.6.3 and previous versions. A remote attacker could send a specially crafted SQL query to the server via the j_username parameter and retrieve the information stored in the database.