
Foster Ghc

#34444 of 53,630
7.5 Total CVSS
Vulnerabilities · 1
PT-2005-1475
7.5
2005-02-14
Myphp · Myphp Forum · CVE-2005-0413
**Name of the Vulnerable Software and Affected Versions**

MyPHP Forum versions 1.0 through 3.0

**Description**

The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via several API endpoints and parameters, including the `fid` parameter in "forum.php", the `member` parameter in "member.php", the `email` parameter in "forgot.php", or the `nbuser` or `nbpass` parameters in "include.php".

**Recommendations**

For MyPHP Forum versions 1.0 through 3.0, consider restricting access to the vulnerable API endpoints and parameters until a patch is available. As a temporary workaround, avoid using the `fid`, `member`, `email`, `nbuser`, and `nbpass` parameters in the affected API endpoints.