SQL injection vulnerability have been found in 101news affecting version 1.0 through the "searchtitle" parameter in search.php.