SQL injection vulnerability in utilities/login.asp in Nukedit 4.9.x, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the email parameter.Referenceshttps://www.exploit-db.com/exploits/5192http://www.securityfocus.com/bid/28009http://securityreason.com/securityalert/4732
