Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
QueryString.php in Simple Machines Forum (SMF) 1.0.7 and earlier, and 1.1rc2 and earlier, allows remote attackers to more easily spoof the IP address and evade banning via a modified X-Forwarded-For HTTP header, which is preferred instead of other more reliable sources for the IP address. NOTE: the original researcher claims that the vendor has disputed this issue
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Simple Machines Forum 安全漏洞
Vulnerability Description
Simple Machines Forum(SMF)是美国SMF团队的一套开源的网络论坛系统。 Simple Machines Forum (SMF) 1.0.7 及更早版本以及 1.1rc2 及更早版本中存在安全漏洞,该漏洞源于 QueryString.php 允许远程攻击者更轻松地欺骗 IP 地址并通过修改后的 X-Forwarded-For HTTP 标头逃避禁令。
CVSS Information
N/A
Vulnerability Type
N/A