LayerBB 1.1.1 and 1.1.3 has SQL Injection via the search.php search_query parameter.
layerbb layerbb 1.1.1
layerbb layerbb 1.1.3