doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/views/ajax/contactView.php. A remote normal registered user could exploit the vulnerability to obtain database sensitive information.