CVE-2016-5727

LogInOut.php in Simple Machines Forum SMF 2.1 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via vectors related to variables derived from user input in a foreach loop...

Design/Logic Flaw

Packages.php in Simple Machines Forum SMF 2.1 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via the themechanges array parameter...

Design/Logic Flaw

LogInOut.php in Simple Machines Forum SMF 2.1 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via vectors related to variables derived from user input in a foreach loop...

CVE-2016-5726

CVE-2016-5726 affects SMF 2.1, where Packages.php is vulnerable to a PHP object injection via the themechanges array parameter, enabling remote code execution. The vulnerability stems from how user-supplied data within that parameter is processed, allowing an attacker to craft payloads that execu...

CVE-2016-5727

CVE-2016-5727 affects Simple Machines Forum (SMF) 2.1. The vulnerability allows remote attackers to perform PHP object injection and execute arbitrary PHP code via vectors related to variables derived from user input in a foreach loop. The description indicates an input-derived injection in LogIn...

SMF 2.1 Beta 2 Remote Code Execution 0day Exploit

SMF 2.1 Beta 2 0day Exploit allow a remote attacker with the ability to create a basic user account to execute arbitrary code with the privileges of the application. You use python exploit and can authomatic shell upload and remote code execution Usage Info example Remote code execution: exploit....