Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.9
Simple IT Discussion Forum 1.0: SQL Injection Risk
CVE-2026-5827
Summary
A security flaw in the Simple IT Discussion Forum 1.0 software allows an attacker to inject malicious code into the database, potentially stealing or modifying sensitive data. This can happen if an attacker manipulates certain input fields. To protect your site, update to the latest version of the software or take other security measures to prevent unauthorized access.
Original title
A vulnerability has been found in code-projects Simple IT Discussion Forum 1.0. Impacted is an unknown function of the file /question-function.php. The manipulation of the argument content leads to...
Original description
A vulnerability has been found in code-projects Simple IT Discussion Forum 1.0. Impacted is an unknown function of the file /question-function.php. The manipulation of the argument content leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
nvd CVSS2.0
7.5
nvd CVSS3.1
7.3
nvd CVSS4.0
6.9
Vulnerability type
CWE-74
Injection
CWE-89
SQL Injection
Published: 9 Apr 2026 · Updated: 9 Apr 2026 · First seen: 9 Apr 2026