2 matches found
CVE-2009-5068
There is a file disclosure vulnerability in SMF Simple Machines Forum affecting versions through v2.0.3. On some configurations a SMF deployment is shared by several "co-admins" that are not trusted beyond the SMF deployment. This vulnerability allows them to read arbitrary files on the filesyste...
CVE-2009-5068
The CVE concerns Simple Machines Forum (SMF) up to version 2.0.3. In some deployments, co-admins with access to the same SMF instance can read arbitrary files, including settings.php containing database passwords, enabling privilege escalation. No specific exploit details or mitigations are provi...