Multiple SQL injection vulnerabilities in SonicBB 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) part and (2) by parameters to (a) search.php, or the (2) id parameter to (b) viewforum.php.
https://exchange.xforce.ibmcloud.com/vulnerabilities/34258
http://www.vupen.com/english/advisories/2007/1816
http://www.securityfocus.com/bid/23964
http://www.securityfocus.com/archive/1/468536/100/0/threaded