77Zhangzhaoqianhun

**Name of the Vulnerable Software and Affected Versions** itsourcecode Online Discussion Forum version 1.0 **Description** A SQL injection weakness exists in the file `/members/compose msg.php` due to the manipulation of the `ID` argument. This issue is exploitable remotely. The exploit has been made publicly available. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** itsourcecode Online Discussion Forum version 1.0 **Description** A security issue exists in itsourcecode Online Discussion Forum. Manipulation of the `ID` argument in the `/members/compose msg admin.php` file can lead to SQL injection. The attack can be performed remotely. The exploit has been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.