CVE-2005-4135
SimpleBBS <1.1 - Code Injection
Title source: llmDescription
Direct static code injection vulnerability in includes/newtopic.php in SimpleBBS 1.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the Host header (possibly the name parameter or variable), which is then written to data/topics.php.
Exploits (1)
References (5)
Scores
EPSS
0.1480
EPSS Percentile
94.5%
Details
Status
published
Products (3)
simplemedia/simplebbs
1.0.6
simplemedia/simplebbs
1.0.7
simplemedia/simplebbs
1.1
Published
Dec 09, 2005
Tracked Since
Feb 18, 2026