SQL injection vulnerability in forums.php in CMScout 1.23 and earlier allows remote attackers to execute arbitrary SQL commands via the f parameter in a forums action to index.php.
https://exchange.xforce.ibmcloud.com/vulnerabilities/35393
http://www.exploit-db.com/exploits/4182
http://secunia.com/advisories/26026
http://packetstorm.linuxsecurity.com/0707-exploits/cmscout.txt