Downbload

Name of the Vulnerable Software and Affected Versions: YaBB SE version 1.5.2 Description: The issue allows remote attackers to execute arbitrary PHP code. This is achieved by modifying the `sourcedir` parameter to reference a URL on a remote web server that contains the malicious code. Recommendations: For YaBB SE version 1.5.2, avoid using the `sourcedir` parameter to reference external URLs until a patch is available. As a temporary workaround, consider restricting access to the SSI.php file to minimize the risk of exploitation.