This has nothing to do with your version of NewBB, but with Protector, which is checking _SERVER for SQL Injections.
Some servers always enable DB Layer trapping. It causes wrong detections as SQL Injection attack. This seems to be the case here with our server.
We could turn off the checking, but this would weaken the security of DB Layer trapping anti-SQL-Injection. Since searches like yours for "pagenav select" are very seldom, we probably leave it as it is to make sure that don't weaken our security checks.
It might work on your server because your server didn't enable DB Layer trapping.
Please support XOOPS & DONATEUse 2.5.7
From Ohio, USA