MyBB Moderation.PHP SQL Injection Vulnerability

MyBB Moderation.PHP SQL Injection Vulnerability

An exploit is not required.

The following proof of concept example is available:

http://www.example.com/mybb/moderation.php?posts=[firstpid]|[secondpid]?[SQL]
&tid=[containertid]&action=do_multimergeposts&sep=hr