mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 01:04:30 +00:00
891 B
891 B
CVE-2006-4631
Description
Direct static code injection vulnerability in admin/save_opt.php in SoftBB 0.1, and possibly earlier, allows remote authenticated users to upload and execute arbitrary PHP code via the cache_forum parameter, which saves the code to info_options.php, which is accessible via a direct request.
POC
Reference
- http://securityreason.com/securityalert/1521
- http://securityreason.com/securityalert/1521
- https://www.exploit-db.com/exploits/2300
- https://www.exploit-db.com/exploits/2300
Github
No PoCs found on GitHub currently.