Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.9
Simple IT Discussion Forum 1.0 Allows Unrestricted Database Access
CVE-2026-6004
Summary
A security issue in Simple IT Discussion Forum 1.0 allows attackers to access sensitive database information. This could lead to unauthorized changes or theft of data. Update to the latest version of the software to fix this issue.
Original title
A vulnerability was detected in code-projects Simple IT Discussion Forum 1.0. Impacted is an unknown function of the file /delete-category.php. Performing a manipulation of the argument cat_id resu...
Original description
A vulnerability was detected in code-projects Simple IT Discussion Forum 1.0. Impacted is an unknown function of the file /delete-category.php. Performing a manipulation of the argument cat_id results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and may be used.
nvd CVSS2.0
7.5
nvd CVSS3.1
7.3
nvd CVSS4.0
6.9
Vulnerability type
CWE-74
Injection
CWE-89
SQL Injection
Published: 10 Apr 2026 · Updated: 10 Apr 2026 · First seen: 10 Apr 2026