LightBlog <= 9.9.2 (register.php) PHP Code Injection Vulnerability
Description:
LightBlog contains a flaw that allows malicious users to execute arbitrary PHP code. The issue is due to user-supplied input passed via multiple parameters to register.php is not properly sanitized before being stored within a php file.
References:
Disclosure Date:
April 27, 2009