Advanced Electron Forum BBCode 'preg_replace' PHP Code Injection Vulnerabilities

Advanced Electron Forum is prone to remote PHP code-injection vulnerabilities.

An attacker can exploit these issues to inject and execute arbitrary malicious PHP code in the context of the webserver process. This may facilitate a compromise of the application and the underlying system; other attacks are also possible.


 

Privacy Statement
Copyright 2010, SecurityFocus