Lu7K

**Name of the Vulnerable Software and Affected Versions** mx modsdb version 1.0.0 **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `module root path` parameter in the includes/common.php file of the mx modsdb module for MxBB Portal. **Recommendations** For mx modsdb version 1.0.0, as a temporary workaround, consider restricting access to the `module root path` parameter in the includes/common.php file until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.