Exploit Database - Logo

Simple Machines Forum (SMF) 1.1.6 - POST Request Filter Security Bypass

EDB-ID: 32462 Author: WHK Published: 2008-10-06
CVE: N/A Type: Webapps Platform: PHP
Aliases: N/A Advisory/Source: Link Tags: Vulnerability
E-DB Verified: Verified Exploit: Download Exploit Code Download / View Raw Vulnerable App: Download Vulnerable Application
« Previous Exploit Next Exploit » 
source: http://www.securityfocus.com/bid/31594/info

Simple Machines Forum (SMF) is prone to a security-bypass vulnerability because the application fails to sufficiently sanitize user-supplied input.

Attackers can exploit this issue to bypass filter restrictions and post spam content onto the affected site. Other attacks are also possible.

SMF 1.1.6 is vulnerable; other versions may also be affected.

[b]ht[b][/b]tp://www.ex[i][/i]ample.com/[/b]

Related Exploits

Trying to match setup file: bb513047203ec487d1d1f353346f543b
Other Possible E-DB Search Terms: Simple Machines Forum (SMF) 1.1.6,  Simple Machines Forum
Date D V Title Author
2009-02-03Download Exploit Code Verified Simple Machines Forum (SMF) - 'BBCode' Cookie StealingXianur0
2004-05-05Download Exploit Code Verified Simple Machines Forum (SMF) 1.0 - Size Tag HTML InjectionCheng Peng Su
2009-01-12Download Exploit Code Verified Simple Machines Forum (SMF) 1.0.13/1.1.5 - 'Destroyer 0.1' Password Reset Security BypassXianur0
2005-06-21Download Exploit Code Verified Simple Machines Forum (SMF) 1.0.4 - 'modify' SQL InjectionJames Bercegay
2006-10-19Download Exploit Code Verified Simple Machines Forum (SMF) 1.0/1.1 - 'index.php' Cross-Site Scriptingb0rizQ
2006-08-20Download Exploit Code Verified Simple Machines Forum (SMF) 1.1 rc2 (Windows) - 'lngfile' Remote Exploitrgod
2006-08-22Download Exploit Code Verified Simple Machines Forum (SMF) 1.1 rc2 - Lock Topics Remote Exploitrgod
2009-12-02Download Exploit Code Verified Simple Machines Forum (SMF) 1.1.10/2.0 RC2 - Multiple VulnerabilitiesSimpleAudit...
2011-08-25Download Exploit Code Verified Simple Machines Forum (SMF) 1.1.14/2.0 - '[img]' BBCode Tag Cross-Site Request ForgeryChristian Y...
2011-12-06Download Exploit Code Verified Simple Machines Forum (SMF) 1.1.15 - 'fckeditor' Arbitrary File UploadHELLBOY
2007-10-20Download Exploit Code Verified Simple Machines Forum (SMF) 1.1.3 - Blind SQL InjectionMichael Brooks
2008-03-28Download Exploit Code Verified Simple Machines Forum (SMF) 1.1.4 - Multiple Remote File InclusionSibertrwolf
2008-06-15Download Exploit Code Verified Simple Machines Forum (SMF) 1.1.4 - SQL InjectionThe:Paradox
2008-09-06Download Exploit Code Verified Simple Machines Forum (SMF) 1.1.5 (Windows x86) - Admin Reset Password ExploitRaz0r
2008-11-05Download Exploit Code Verified Simple Machines Forum (SMF) 1.1.6 - (Local File Inclusion) Code Execution~elmysterio
2008-11-04Download Exploit Code Verified Simple Machines Forum (SMF) 1.1.6 - Code ExecutionCharles Fol
2009-02-03Download Exploit Code Verified Simple Machines Forum (SMF) 1.1.7 - '[url]' Tag HTML InjectionXianur0
2009-01-26Download Exploit Code Verified Simple Machines Forum (SMF) 1.1.7 - Cross-Site Request Forgery / Cross-Site Scripting / Package UploadXianur0
2010-03-27Download Exploit Code Verified Simple Machines Forum (SMF) 1.1.8 - 'avatar' Remote PHP File Execute (PoC)JosS
2011-08-07Download Exploit Code Waiting verification Simple Machines Forum (SMF) 2.0 - Session Hijackingseth
2012-03-29Download Exploit Code Verified Simple Machines Forum (SMF) 2.0.2 - 'scheduled' Parameter Cross-Site ScriptingAm!r
Menu