CVE-2006-4631

Name of the Vulnerable Software and Affected Versions SoftBB versions 0.1 and earlier

Description The issue allows remote authenticated users to upload and execute arbitrary PHP code via the cache forum parameter in the admin/save opt.php file. This parameter saves the code to info options.php, which can be accessed via a direct request.

Recommendations For SoftBB versions 0.1 and earlier, avoid using the cache forum parameter in the admin/save opt.php file until a fix is available. As a temporary workaround, consider restricting access to the info options.php file to minimize the risk of exploitation.