icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Simple Machines Forum %lt; 1.1.4 / 1.0.12 SQL Injection

Medium

Synopsis

The remote host is vulnerable to multiple attack vectors.

Description

The remote host is running the Simple Machines Forum (SMF), a web forum. This version of SMF is vulnerable to a flaw in the way that it handles user-supplied data.

- The 'topic' request parameter is used in a database query without proper sanitation. An attacker exploiting this flaw would be able to execute arbitrary SQL code against the remote database. - The second issue occurs in the 'preparsecode()' function when posting a message with multiple '[html]' tags.

NOTE: both of these issues require credentials in order to exploit.

Solution

Upgrade to version 1.1.4, 1.0.12 or higher.