A.Nosrati

**Name of the Vulnerable Software and Affected Versions** Sabdrimer Pro version 2.2.4 **Description** The issue allows remote attackers to execute arbitrary PHP code when register globals is enabled. This is achieved via a URL in the `pluginpath[0]` parameter in the skins/advanced/advanced1.php file. **Recommendations** For Sabdrimer Pro version 2.2.4, consider disabling the register globals setting to prevent exploitation. Additionally, restrict access to the skins/advanced/advanced1.php file and avoid using the `pluginpath[0]` parameter in URLs until a fix is available.