https://www.exploit-db.com/exploits/25919

漏洞细节尚未披露

source: http://www.securityfocus.com/bid/14095/info

Phoroum is prone to SQL injection attacks. Insufficient sanitization of user input may allow a malicious user to manipulate the structure and logic of database queries.

Successful exploitation could allow the attacker to compromise security properties of the application and the database. Possible consequences include unauthorized access to the application and database.

This issue has been reported to exist in Phorum 5.0.11. Earlier versions may also be affected. 

http://www.example.com/read.php?1,[MALICIOUS_SQL_CODE],newer