Direct static code injection vulnerability in admin/save_opt.php in SoftBB 0.1, and possibly earlier, allows remote authenticated users to upload and execute arbitrary PHP code via the cache_forum parameter, which saves the code to info_options.php, which is accessible via a direct request.
Get an AI-powered plain-language explanation of this vulnerability and remediation steps.
Login to generate AI explanation18 reference(s) from NVD