misc.php in DeluxeBB 1.3 allows remote attackers to register accounts without a valid email address via a valemail action with the valmem set to a pre-assigned user ID, which is visible from a memberlist action.
References
Configurations
Information
Published : 2009-12-30 12:00
Updated : 2017-08-16 18:31
NVD link : CVE-2009-4467
Mitre link : CVE-2009-4467
JSON object : View
CWE
CWE-20
Improper Input Validation
Products Affected
deluxebb
- deluxebb