CVE-2016-5726

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2016-5726
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-5726.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2016-5726
Published
2017-02-09T15:59:01Z
Modified
2024-09-03T01:21:20.009672Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Packages.php in Simple Machines Forum (SMF) 2.1 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via the themechanges array parameter.

References

Affected packages

Git / github.com/simplemachines/smf

Affected ranges

Type
GIT
Repo
https://github.com/simplemachines/smf
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected

Affected versions

2.*

2.1beta1

v2.*

v2.1-beta.1
v2.1-beta.2
v2.1-beta.3
v2.1-rc.1
v2.1-rc.2
v2.1-rc.3
v2.1-rc.4
v2.1.0