Cp77Fk4R

**Name of the Vulnerable Software and Affected Versions** DeluxeBB version 1.3 **Description** The issue allows remote attackers to obtain sensitive information, including user and configuration data, log files, and gain administrative access. This is possible due to the storage of sensitive information under the web root with insufficient access control. Attackers can access scripts in various directories, such as `templates/`, `images/`, `logs/`, `wysiwyg/`, `docs/`, `classes/`, `lang/`, and `settings/`, via a direct request. Specifically, attackers can target directories like `templates/deluxe/admincp/`, `templates/corporate/admincp/`, and `templates/blue/admincp/`, as well as files like `logs/cp.php`. **Recommendations** For DeluxeBB version 1.3, consider restricting direct access to sensitive directories and files, such as `templates/`, `images/`, `logs/`, `wysiwyg/`, `docs/`, `classes/`, `lang/`, and `settings/`, to prevent unauthorized access. As a temporary workaround, restrict access to the `logs/` directory and files like `logs/cp.php` to minimize the risk of exploitation. Additionally, limit access to administrative scripts in `templates/deluxe/admincp/`, `templates/corporate/admincp/`, and `templates/blue/admincp/` until a proper fix is applied.

**Name of the Vulnerable Software and Affected Versions** DeluxeBB version 1.3 **Description** The issue allows remote attackers to obtain sensitive information by providing a crafted `page` parameter to the "misc.php" endpoint, which reveals the installation path in an error message. This might be related to improperly controlled computation in "tools.php" that could lead to a denial of service due to CPU or memory consumption. **Recommendations** For DeluxeBB version 1.3, as a temporary workaround, consider restricting access to the "misc.php" endpoint until a patch is available. Additionally, review the computation controls in "tools.php" to prevent potential denial of service attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** DeluxeBB version 1.3 **Description** The issue allows remote attackers to register accounts without a valid email address. This is achieved by using a `valemail` action with the `valmem` set to a pre-assigned user ID, which can be obtained from a `memberlist` action. **Recommendations** For DeluxeBB version 1.3, consider restricting access to the `misc.php` file or disabling the `valemail` action to prevent unauthorized account registration until a proper fix is implemented. Additionally, restrict the use of the `valmem` variable to prevent exploitation.

**Name of the Vulnerable Software and Affected Versions** DeluxeBB version 1.3 **Description** A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML. This is achieved via the `page` parameter in misc.php. **Recommendations** For DeluxeBB version 1.3, consider restricting access to the misc.php file until a patch is available, or avoid using the `page` parameter in this context to minimize the risk of exploitation.