Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.3
Simple IT Discussion Forum 1.0 allows code injection through category edit
CVE-2026-5826
Summary
A security issue in Simple IT Discussion Forum 1.0 can allow an attacker to inject malicious code into the forum. This could happen if a user is tricked into visiting a malicious link, which could potentially allow the attacker to take control of the forum or steal user data. Update to the latest version of the software to fix this issue.
Original title
A flaw has been found in code-projects Simple IT Discussion Forum 1.0. This issue affects some unknown processing of the file /edit-category.php. Executing a manipulation of the argument Category c...
Original description
A flaw has been found in code-projects Simple IT Discussion Forum 1.0. This issue affects some unknown processing of the file /edit-category.php. Executing a manipulation of the argument Category can lead to cross site scripting. The attack can be launched remotely. The exploit has been published and may be used.
nvd CVSS2.0
5.0
nvd CVSS3.1
4.3
nvd CVSS4.0
5.3
Vulnerability type
CWE-79
Cross-site Scripting (XSS)
CWE-94
Code Injection
Published: 9 Apr 2026 · Updated: 9 Apr 2026 · First seen: 9 Apr 2026