SimpleBBS v1.1(posts.php) remote command execution

[stormhacker@xxxxxxxxxxx]

[W]orld [D]efacers Team
======================================
--------------------Summary----------------
eVuln ID: WD10
Vendor: SimpleBBS 
Vendor's Web Site: www.simplemedia.org
Software: SimpleBBS Forums
Sowtware's Web Site: www.simplemedia.org
Versions: v1.1 v 1.0.*
Class: Remote
PoC/Exploit: Available
Solution: Not Available
Discovered by: rUnViRuS (worlddefacers.de)
-----------------Description---------------
posts.php File command execution
$cmd

--------------PoC/Exploit----------------------
http://www.worlddefacers.de/Public/WD-SMPL.txt
--------------Solution---------------------
No Patch available.

--------------Credit-----------------------
Discovered by: rUnViRuS (worlddefacers.de)

-------------------------------------------