bttlxeforum < 2.0_beta_3 - SQL Injection via Username and Password Fields
SQL injection vulnerability in bttlxeForum 2.0 beta 3 and earlier allows remote attackers to bypass authentication via the (1) username and (2) password fields, and possibly other fields.