An issue exists in PHPSHE 1.7. SQL injection exists via the admin.php?mod=user&act=del user_id[] parameter.
phpshe phpshe 1.7