SQL injection vulnerability in MailGust 1.9 allows remote attackers to execute arbitrary SQL commands via the email field on the password reminder page.