CVE-2007-0189

Name of the Vulnerable Software and Affected Versions GeoBB Georgian Bulletin Board versions prior to 1.0

Description The issue allows remote attackers to execute arbitrary PHP code via a URL in the action parameter in the index.php file. However, it's noted that GeoBB 1.0 sets $action to a whitelisted value, which disputes the severity of this issue.

Recommendations For versions prior to 1.0, consider restricting access to the action parameter in the index.php file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.