e-Zone Media FuseTalk Form Input Validation Vulnerability

e-Zone Media FuseTalk Form Input Validation Vulnerability

e-Zone Media FuseTalk is a web-based forum package that allows users to build interactive communities.

FuseTalk by default does not appear to validate or sanitize any input entered into its sign-up forms. This could allow users to submit data which includes SQL queries which will in turn be executed by the form upon the SQL database.