SQL injection vulnerability in aut_verifica.inc.php in Autentificator 2.01 allows remote attackers to execute arbitrary SQL commands via the user parameter.
http://www.vupen.com/english/advisories/2006/3442
http://www.securityfocus.com/archive/1/445008/100/0/threaded