SQL injection vulnerability in cp.php in DeluxeBB 1.07 and previous versions allows remote malicious users to execute arbitrary SQL commands via the xmsn parameter.
deluxebb deluxebb