Public CVE-2001-1481 disclosure

SQL injection vulnerability in bb_memberlist.php for phpBB 1.4.2 allows remote attackers to execute arbitrary SQL queries via the $sortby variable.