Multiple SQL injection vulnerabilities in Phorum 5.0.11 and earlier allow remote attackers to modify SQL statements via (1) the query string in read.php or (2) unknown vectors in file.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.016
EPSS Ranking 72.2%