SQL injection vulnerability in dcboard.cgi in DCScripts DCForumLite 3.0 allows remote attackers to execute arbitrary SQL commands via the az parameter.
https://exchange.xforce.ibmcloud.com/vulnerabilities/26084
http://www.securityfocus.com/archive/1/432010/100/0/threaded