CVE-2008-5090

N/A Unknown

Published: November 14, 2008 Modified: April 23, 2026

Description

Electron Inc. Advanced Electron Forum before 1.0.7 allows remote attackers to execute arbitrary PHP code via PHP code embedded in bbcode in the email parameter, which is processed by the preg_replace function with the eval switch.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://secunia.com/advisories/31978

Source: cve@mitre.org

Vendor Advisory

http://securityreason.com/securityalert/4598

Source: cve@mitre.org

http://www.anelectron.com/board/index.php?tid=3282

Source: cve@mitre.org

Vendor Advisory

http://www.gulftech.org/?node=research&article_id=00131-09202008

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/496552/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/31268

Source: cve@mitre.org

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/45270

Source: cve@mitre.org

https://www.exploit-db.com/exploits/6499

Source: cve@mitre.org

http://secunia.com/advisories/31978