UserExtranet by Beesto.com, 1.3.2 and previous, SQL Injection

resolution: update to 1.3.3

update notice: http://www.beesto.com/forum/read.php?30,2085

.