CVE-2008-6970

SQL injection vulnerability in dosearch.inc.php in UBB.threads 7.3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the Forum[] array parameter.

Date published : 2009-08-13

http://www.securityfocus.com/bid/31074

http://www.ubbcentral.com/forums/ubbthreads.php/topics/216722/