SQL injection vulnerability in threads.php in Nuboard 0.5 allows remote malicious users to execute arbitrary SQL commands via the ssid parameter.
nuboard nuboard 0.5