Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.9
Simple IT Discussion Forum 1.0: SQL Injection Risk in post_id Input
CVE-2026-5829
Summary
The Simple IT Discussion Forum software has a security flaw in its posting system. If an attacker manipulates the post_id field, they may be able to access sensitive data. We recommend updating to a patched version of the software to prevent data breaches.
Original title
A vulnerability was determined in code-projects Simple IT Discussion Forum 1.0. The impacted element is an unknown function of the file /pages/content.php. This manipulation of the argument post_id...
Original description
A vulnerability was determined in code-projects Simple IT Discussion Forum 1.0. The impacted element is an unknown function of the file /pages/content.php. This manipulation of the argument post_id causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized.
nvd CVSS2.0
7.5
nvd CVSS3.1
7.3
nvd CVSS4.0
6.9
Vulnerability type
CWE-74
Injection
CWE-89
SQL Injection
Published: 9 Apr 2026 · Updated: 9 Apr 2026 · First seen: 9 Apr 2026