vendor:
by:
Dr Max Virus
N/A
CVSS
N/A
Bug in lib/selectlang.php
CWE
Product Name:
Affected Version From: 0.31
Affected Version To: 0.31
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested:
2007
Script:bbclone
The vulnerability exists in the bbclone script, specifically in the lib/selectlang.php file. The vulnerability is caused by the insecure handling of the BBC_LANGUAGE_PATH parameter. An attacker can exploit this vulnerability by injecting malicious code into the BBC_LANGUAGE_PATH parameter, leading to arbitrary code execution. This vulnerability was discovered by Dr Max Virus in 2007.
Mitigation:
Unknown