Public CVE-2006-1394 disclosure

SQL injection vulnerability in mb.cgi in Cholod MySQL Based Message Board allows remote attackers to execute arbitrary SQL commands via unspecified vectors in a showmessage action, possibly the username parameter....