The domecode function in inc/functions_post.php in MyBulletinBoard (MyBB) 1.1.2, and possibly other versions, allows remote attackers to execute arbitrary PHP code via the username field, which is used in a preg_replace function call with a /e (executable) modifier.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: flexera
Published: 2006-06-13T01:00:00
Updated: 2018-10-18T14:57:01
Reserved: 2006-06-08T00:00:00
Link: CVE-2006-2908
JSON object: View
NVD Information
Status : Modified
Published: 2006-06-13T01:02:00.000
Modified: 2018-10-18T16:43:37.527
Link: CVE-2006-2908
JSON object: View
Redhat Information
No data.
CWE