SQL injection vulnerability in index.php for MercuryBoard 1.1.2 allows remote malicious users to inject arbitrary SQL commands via the f parameter.
mercuryboard mercuryboard 1.1.2