SQL injection vulnerability in login.asp in Thomson Web Skill Vantage Manager allows remote attackers to execute arbitrary SQL commands via the svmPassword parameter.
https://exchange.xforce.ibmcloud.com/vulnerabilities/21637
http://www.securityfocus.com/bid/14409