Static code injection vulnerability in forms/ajax/configure.php in Gravity Board X (GBX) 2.0 BETA allows remote attackers to inject arbitrary PHP code into config.php via the configure action to index.php.Referenceshttp://www.securityfocus.com/bid/34370https://exchange.xforce.ibmcloud.com/vulnerabilities/49679https://www.exploit-db.com/exploits/8350
