Invision Power Board Multiple SQL Injection Vulnerabilities

Summary
The host is running Invision Power Board and is prone to multiple SQL Injection vulnerabilities.
Impact
Succesful exploitation will allow attackers to access and modify the backend database by injecting arbitrary SQL queries. Impact Level: Application
Solution
Apply the following patch, http://community.invisionpower.com/topic/291103-invision-power-board-3-0-2-security-update/ ***** NOTE: Please ignore this warning if the above mentioned patch is already applied. *****
Insight
Tha input passed into 'search_term' parameter in search.php and in 'aid' parameter in lostpass.php is not porpperly sanitisied before being used to construct SQL queries.
Affected
Invision Power Board version 3.0.0, 3.0.1, and 3.0.2.
References