Multiple SQL injection vulnerabilities in SoftBB 0.1, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the (1) groupe parameter in addmembre.php and the (2) select parameter in moveto.php.
https://www.exploit-db.com/exploits/2300
https://exchange.xforce.ibmcloud.com/vulnerabilities/28747
http://www.vupen.com/english/advisories/2006/3478
http://www.securityfocus.com/archive/1/445087/100/0/threaded
http://securitytracker.com/id?1016785
http://securityreason.com/securityalert/1521