DUforum 3.x - 'messages.asp?FOR_ID' SQL Injection
source: https://www.securityfocus.com/bid/11363/info Multiple vulnerabilities have been identified in the software that may allow a remote attacker to carry out SQL injection and HTML injection attacks. An attacker may also gain unauthorized access to a user's account. DUclassmate may allow...