CVE-2007-4906

Name of the Vulnerable Software and Affected Versions: NuclearBB Alpha 2

Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the root path parameter when register globals is enabled. This is due to a PHP remote file inclusion vulnerability in the tasks/send queued emails.php file.

Recommendations: For NuclearBB Alpha 2, consider disabling the register globals setting to prevent exploitation. Additionally, restrict access to the tasks/send queued emails.php file to minimize the risk of arbitrary PHP code execution. Avoid using the root path parameter in the affected file until the issue is resolved.