Xiuno BBS is an open source forum program based on PHP and MySQL. Xiuno BBS is vulnerable to an access control error, which stems from the product routeuser.php allowing searches for user names. No details of the vulnerability are currently available.