Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
SimpleMachinesForum 2.1.1 and earlier allows remote authenticated administrators to execute arbitrary code by inserting a vulnerable php code because the themes can be modified by an administrator. NOTE: the vendor's position is that administrators are intended to have the ability to modify themes, and can thus choose any PHP code that they wish to have executed on the server.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SimpleMachinesForum 代码注入漏洞
Vulnerability Description
SimpleMachinesForum是一个开源的论坛软件。 SimpleMachinesForum 2.1.1版本及之前版本存在安全漏洞,通过身份验证的远程攻击者通过插入易受攻击的php代码来执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A