Simple Machines Forum CVE-2006-4467 Directory Traversal Vulnerability

Simple Machines Forum is prone to a directory traversal vulnerability because it does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter s hash value, which allows remote attackers to perform directory traversal attacks to read arbitrary local files, lock topics, and possibly have other security impacts.


Privacy Statement
Copyright 2010, SecurityFocus