MC Inventory Manager suffers from a remote SQL injection vulnerability that allows for authentication bypass.