PT-2012-5161 · Pbboard · Pbboard

Published: 2012-08-27 · Updated: 2024-02-14 · CVE-2012-4036

CVSS v2.0: 6.8 (Medium)

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

PBBoard version 2.1.4

Description

The issue allows remote administrators to execute arbitrary PHP code by uploading a file with an executable extension to the addons directory via admin.php, and then accessing it directly. This can be exploited by remote attackers.

Recommendations

For PBBoard version 2.1.4, consider restricting access to the admin.php file and the addons directory to prevent unauthorized file uploads. As a temporary workaround, restrict the ability to upload files with executable extensions to minimize the risk of exploitation.

Related Identifiers

CVE-2012-4036

Affected Products

Pbboard