CVE-2003-0770

Name of the Vulnerable Software and Affected Versions: IkonBoard versions 3.1.2a and earlier, including 3.1.1

Description: The issue arises from improper cleansing of the lang cookie in FUNC.pm when it contains illegal characters. This allows remote attackers to execute arbitrary code when the cookie is inserted into a Perl eval statement.

Recommendations: For IkonBoard versions 3.1.2a and earlier, including 3.1.1, consider implementing proper input validation and sanitization for the lang cookie to prevent the insertion of illegal characters. As a temporary workaround, restrict access to the FUNC.pm module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.