CVE-2007-5646
SMF SQL injection (CVE-2007-5646) affects Simple Machines Forum (SMF) 1.1.3. The flaw is in Sources/Search.php where the vulnerable userspec parameter used in the search2 action to index.php is not sanitized, enabling arbitrary SQL execution when using MySQL 5.x. An unauthenticated or authenticat...