CVE-2010-4826
Snitz Forums 2000 (version 3.4.07) is affected by a SQL injection in members.asp exploitable through the M_NAME parameter, allowing remote execution of arbitrary SQL commands. Root cause is improper handling of user input in the M_NAME field. The connected OpenVAS entry confirms the SQL injection...