Delibey

**Name of the Vulnerable Software and Affected Versions** NovaBoard version 1.1.2 **Description** A SQL injection issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `forums[]` parameter in a search action. **Recommendations** For NovaBoard version 1.1.2, avoid using the `forums[]` parameter in search actions until a fix is available. As a temporary workaround, consider restricting access to the search functionality to minimize the risk of exploitation.