HIGH🇵🇱 Wersja polska

CVE-2013-7468

CVSS 8.1v3.0pub. 2019-03-07upd. 2024-11-21

Simple Machines Forum (SMF) 2.0.4 allows PHP Code Injection via the index.php?action=admin;area=languages;sa=editlang dictionary parameter.

CVSS Vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Simplemachines Simple Machines Forum

    APP
    Simplemachines
    2.0.4
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2018-10305CRITICAL9.8ten sam produkt

The MessageSearch2 function in PersonalMessage.php in Simple Machines Forum (SMF) before 2.0.15 does not prope...

CVE-2016-5726CRITICAL9.8ten sam produkt

Packages.php in Simple Machines Forum (SMF) 2.1 allows remote attackers to conduct PHP object injection attack...

CVE-2022-26982HIGH7.2ten sam produkt

SimpleMachinesForum 2.1.1 and earlier allows remote authenticated administrators to execute arbitrary code by ...

CVE-2009-5068HIGH7.2ten sam produkt

There is a file disclosure vulnerability in SMF (Simple Machines Forum) affecting versions through v2.0.3. On ...

CVE-2013-7466HIGH8.8ten sam produkt

Simple Machines Forum (SMF) 2.0.4 allows local file inclusion, with resultant remote code execution, in instal...