NVD

Id
4874  
Name
CVE-2008-5090  
Description
Electron Inc. Advanced Electron Forum before 1.0.7 allows remote attackers to execute arbitrary PHP code via PHP code embedded in bbcode in the email parameter, which is processed by the preg_replace function with the eval switch.  
Reject
 
CVSS Version
2  
CVSS Score
10  
Severity
High  
CVSS Base Score
10  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-03  
Published
2008-11-14  
Modified Date
2009-01-29  
Seq
2008-5090  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
30681 4874 CVE-2008-5090 4598  View
30682 4874 CVE-2008-5090 http://www.anelectron.com/board/index.php?tid=3282  View
30683 4874 CVE-2008-5090 http://www.gulftech.org/?node=research&article_id=00131-09202008  View
30684 4874 CVE-2008-5090 6499  View
30685 4874 CVE-2008-5090 20080920 Advanced Electron Forum <= 1.0.6 Remote Code Execution  View
30686 4874 CVE-2008-5090 31268  View
30687 4874 CVE-2008-5090 aef-pregreplace-code-execution(45270)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
48331 JVNDB-2008-003641 Electron Inc. Advanced Electron Forum における任意の PHP コードが実行される脆弱性 Electron Inc. Advanced Electron Forum には、eval スイッチを含む preg_replace 関数によって処理されるため、任意の PHP コードが実行される脆弱性が存在します。 CVE-2008-5090 35203 CVE-2008-5090 4874 10 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-003641.html 2008-11-14 2012-06-26 View