The remote web server is running a PHP application that is vulnerable to a SQL-injection attack.
The remote web server is running a version of MyBB earlier than 1.4.7. Such versions reportedly fail to properly sanitize user-supplied data to the 'birthdayprivacy' parameter of the 'usercp.php' script before using it in an SQL query. An attacker could exploit this flaw to access or modify sensitive information.
Upgrade to MyBB 1.4.7 or later.