CVE-2016-5726

Packages.php in Simple Machines Forum (SMF) 2.1 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via the themechanges array parameter.
References
Link Resource
http://www.openwall.com/lists/oss-security/2016/06/18/1 Mailing List Patch Third Party Advisory
http://www.openwall.com/lists/oss-security/2016/06/10/7 Mailing List Patch Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:simplemachines:simple_machines_forum:2.1:*:*:*:*:*:*:*

Information

Published : 2017-02-09 07:59

Updated : 2017-02-23 10:20


NVD link : CVE-2016-5726

Mitre link : CVE-2016-5726


JSON object : View

CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')

Advertisement

dedicated server usa

Products Affected

simplemachines

  • simple_machines_forum