P2Y

**Name of the Vulnerable Software and Affected Versions** GNUTurk versions 2G and earlier **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `t id` parameter when the `go` parameter is set to "Forum" in the mods.php file. **Recommendations** For versions 2G and earlier, consider restricting access to the mods.php file or the `t id` parameter to minimize the risk of exploitation. As a temporary workaround, avoid using the `t id` parameter in the mods.php file when the `go` parameter is set to "Forum" until a patch is available.