Rf7Awy

**Name of the Vulnerable Software and Affected Versions** B1G b1gBB version 2.24 **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `tfooter` parameter in the `footer.inc.php` file. **Recommendations** For B1G b1gBB version 2.24, consider restricting access to the `footer.inc.php` file or validating the `tfooter` parameter to prevent remote file inclusion attacks. As a temporary workaround, avoid using the `tfooter` parameter in the affected file until a patch is available.