Unrated severityNVD Advisory· Published Nov 14, 2008· Updated Apr 23, 2026
CVE-2008-5090
CVE-2008-5090
Description
Electron Inc. Advanced Electron Forum before 1.0.7 allows remote attackers to execute arbitrary PHP code via PHP code embedded in bbcode in the email parameter, which is processed by the preg_replace function with the eval switch.
Affected products
6cpe:2.3:a:anelectron:advanced_electron_forum:*:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:anelectron:advanced_electron_forum:*:*:*:*:*:*:*:*range: <=1.0.6
- cpe:2.3:a:anelectron:advanced_electron_forum:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:anelectron:advanced_electron_forum:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:anelectron:advanced_electron_forum:1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:anelectron:advanced_electron_forum:1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:anelectron:advanced_electron_forum:1.0.5:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
8- www.securityfocus.com/bid/31268nvdExploit
- secunia.com/advisories/31978nvdVendor Advisory
- www.anelectron.com/board/index.phpnvdVendor Advisory
- securityreason.com/securityalert/4598nvd
- www.gulftech.orgnvd
- www.securityfocus.com/archive/1/496552/100/0/threadednvd
- exchange.xforce.ibmcloud.com/vulnerabilities/45270nvd
- www.exploit-db.com/exploits/6499nvd
News mentions
0No linked articles in our index yet.