CVE-2005-2817 Information

Feb 14, 2021 cve

Description

Simple Machines Forum (SMF) 1-0-5 and earlier supports the use of URLs for avatar images which allows remote attackers to monitor sensitive information of forum visitors such as IP address and user agent as demonstrated using a PHP script on a malicious server.

Reference

http://rgod.altervista.org/smf105.html http://seclists.org/lists/bugtraq/2005/Aug/0438.html http://secunia.com/advisories/16646 http://securitytracker.com/id?1014828 https://exchange.xforce.ibmcloud.com/vulnerabilities/22093

Share on: