CVE-2008-4780

Name of the Vulnerable Software and Affected Versions MyForum version 1.3

Description A directory traversal issue exists in the admin/centre.php file of MyForum. When register globals is enabled, remote attackers can include and execute arbitrary local files by using directory traversal sequences in the padmin parameter.

Recommendations For MyForum version 1.3, consider disabling the register globals setting to prevent exploitation. As a temporary workaround, restrict access to the admin/centre.php file until a patch is available. Avoid using the padmin parameter in the affected file until the issue is resolved.