3 matches found
CVE-2013-7466
CVE-2013-7466 affects Simple Machines Forum (SMF) 2.0.4. The issue is a local file inclusion vulnerability in install.php that can execute remote code via an ../ directory traversal in the db_type parameter if install.php remains after installation. This is documented to enable remote code execut...
CVE-2013-7468
Simple Machines Forum SMF 2.0.4 allows PHP Code Injection via the index.php?action=admin;area=languages;sa=editlang dictionary parameter...
SMF 2.0.4 PHP Code Injection
'.$page; curlclose$ch; // to close 'logged-in' part ?...