Multiple SQL injection vulnerabilities in the administration login page in D-Link DAP-1350 (Rev. A1) with firmware 1.14 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password.Referenceshttp://secunia.com/advisories/58254http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10023http://www.securityfocus.com/bid/67310
