SQL injection vulnerability in register.php in Phorum prior to 3.4.6 allows remote malicious users to execute arbitrary SQL commands via the hide_email parameter.
phorum phorum