Electron Inc. Advanced Electron Forum before 1.0.7 allows remote attackers to execute arbitrary PHP code via PHP code embedded in bbcode in the email parameter, which is processed by the preg_replace function with the eval switch.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2008-11-14T19:00:00
Updated: 2018-10-11T19:57:01
Reserved: 2008-11-14T00:00:00
Link: CVE-2008-5090
JSON object: View
NVD Information
Status : Modified
Published: 2008-11-14T19:20:53.997
Modified: 2018-10-11T20:54:04.553
Link: CVE-2008-5090
JSON object: View
Redhat Information
No data.
CWE