misc.php in DeluxeBB 1.3 allows remote malicious users to register accounts without a valid email address via a valemail action with the valmem set to a pre-assigned user ID, which is visible from a memberlist action.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
deluxebb deluxebb 1.3 |