Multiple SQL injection vulnerabilities in SailPlanner 0.3a allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields.
https://www.exploit-db.com/exploits/7267
https://exchange.xforce.ibmcloud.com/vulnerabilities/46932
http://www.juniper.net/security/auto/vulnerabilities/vuln32521.html