http://www.linuxtoday.com/security/2011072100339NWMSSW (http://www.linuxtoday.com/security/2011072100339NWMSSW)
In a very distantly related but similar vein I received the following from vBulletin (best forums developer):
"..A flaw within a side query that is used in the search UI has recently been discovered that affects all versions of vBulletin 4 Forum Classic and vBulletin 4 Publishing Suite. This flaw may enable malicious individuals to inject sql that would allow you to run arbitrary queries on the db via this exploit. This is a new exploit and while similar, unrelated to one previously rectified in April. To resolve this issue, it has been necessary to release a patch level version on all versions of vBulletin 4.X. The issue does not affect vBulletin 3.X to the best of our knowledge.
For further details, please check here: http://www.vbulletin.com/go/vb4xp2
To rectify the issue please download the patch from the members area of vBulletin: http://members.vbulletin.com/ We recommend you install this security patch as soon as possible."