The remote web server contains a script that is vulnerable to a SQL injection attack.
The remote host seems to be running PHPGroupWare, a groupware system implemented in PHP. This version is reported to be vulnerable to a cross-site scripting issue and a SQL injection vulnerability. An attacker may gain access to unauthorized information or may steal cookie-based authentication credentials from a legitimate user by sending the user a malformed link to this web site.
No solution is known at this time.