CVE-2009-4467 Information

Description

misc.php in DeluxeBB 1.3 allows remote attackers to register accounts without a valid email address via a valemail action with the valmem set to a pre-assigned user ID which is visible from a memberlist action.

Reference

http://www.exploit-db.com/exploits/10598 http://www.securityfocus.com/bid/37448 https://exchange.xforce.ibmcloud.com/vulnerabilities/54979