SQL injection vulnerability in UseBB 0.5.1 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the search function.
https://exchange.xforce.ibmcloud.com/vulnerabilities/21652
http://www.usebb.net/community/topic.php?id=605
http://www.securityfocus.com/bid/14413