Multiple SQL injection vulnerabilities in DeluxeBB 1.06 allow remote attackers to execute arbitrary SQL commands via the (1) hideemail, (2) languagex, (3) xthetimeoffset, and (4) xthetimeformat parameters during account registration.
https://exchange.xforce.ibmcloud.com/vulnerabilities/27091
http://www.vupen.com/english/advisories/2006/2347
http://www.securityfocus.com/bid/18453
http://www.securityfocus.com/archive/1/438597/100/0/threaded
http://www.securityfocus.com/archive/1/437228/100/100/threaded
http://securitytracker.com/id?1016309
http://securityreason.com/securityalert/1134