Name of the Vulnerable Software and Affected Versions:

Joomlaboard Forum Component (com joomlaboard) versions prior to 1.1.2

Description:

The issue allows remote attackers to execute arbitrary PHP code via a URL in the `sbp` parameter to specific PHP files, including `file upload.php` and `image upload.php`.

Recommendations:

For versions prior to 1.1.2, update to version 1.1.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the `file upload.php` and `image upload.php` files until the update is applied. Avoid using the `sbp` parameter in these files until the issue is resolved.