Multiple SQL injection vulnerabilities in index.php in Kensei Board 2.0 BETA (aka 2.0.0b) and earlier allow remote attackers to execute arbitrary SQL commands via the (1) f and (2) t parameters in a showforum action.

More... (http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1853)