Описание
Simple Machines Forum (SMF) 2.0.4 allows local file inclusion, with resultant remote code execution, in install.php via ../ directory traversal in the db_type parameter if install.php remains present after installation.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:simplemachines:simple_machines_forum:2.0.4:*:*:*:*:*:*:*
EPSS
Процентиль: 80%
0.01377
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-22
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
Simple Machines Forum (SMF) 2.0.4 allows local file inclusion, with resultant remote code execution, in install.php via ../ directory traversal in the db_type parameter if install.php remains present after installation.
EPSS
Процентиль: 80%
0.01377
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-22