PT-2014-3297 · Simple Machines · Simple Machines Forum
Jakob Lell
·
Publicado
2014-04-29
·
Atualizado
2014-04-30
·
CVE-2013-7235
CVSS v2.0
7.5
Alta
| Vetor | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Simple Machines Forum (SMF) versions prior to 1.1.19
Simple Machines Forum (SMF) versions 2.x prior to 2.0.6
Description
The issue allows remote attackers to impersonate arbitrary users by utilizing multiple space characters.
Recommendations
For Simple Machines Forum (SMF) versions prior to 1.1.19, update to version 1.1.19 or later.
For Simple Machines Forum (SMF) versions 2.x prior to 2.0.6, update to version 2.0.6 or later.
Correção
RCE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Simple Machines Forum