DeluxeBB <= 1.2 (admincp.php) PHP Code Injection Vulnerability

Description:

Static code injection vulnerability in admincp.php in DeluxeBB 1.2 and earlier allows remote authenticated administrators to inject arbitrary PHP code into logs/cp.php via the URI.

References:

CVE-2008-2195
BID-29062
EDB-5550

Disclosure Date:

May 5, 2008