CVE-2003-1252

Name of the Vulnerable Software and Affected Versions S8Forum version 3.0

Description The issue allows remote attackers to execute arbitrary PHP commands. This is achieved by creating a user with a name that ends in a .php extension and entering the desired commands into the E-mail field. As a result, a web-accessible .php file is created, which can be called by the attacker. For example, using a system($cmd) E-mail address with an any name.php username demonstrates this exploit.

Recommendations For S8Forum version 3.0, consider restricting user registration to prevent the creation of usernames with .php extensions as a temporary workaround. Additionally, restrict access to the register.php file to minimize the risk of exploitation. Avoid allowing users to enter arbitrary commands in the E-mail field until the issue is resolved.