SQL injection vulnerability in member.asp in qjForum allows remote malicious users to execute arbitrary SQL commands via the uName parameter.
qjstudios qjforum