in uc_stocklevels.module
in function _uc_stocklevels_get_details

I replaced
$result = db_query('SELECT * FROM {uc_stocklevels} WHERE model = \''.$sku.'\'');

with

$result = db_query("SELECT * FROM {uc_stocklevels} WHERE model = '%s'", $sku);

works better IF you have a ' in the sku's (and is more secure as well)