PunBB forum software contains a vulnerability where SQL injection can be performed by first entering an email address containing exploitation data into the change_email function, and then redisplaying the email address. This is due to PunBB trusting data it gets from its own database.
5fd7b7dfa4f40fbb3979dda469c1018c6a5f5a970b23430b090c05f3a14e5f41