CVE-2016-5727

Source
https://nvd.nist.gov/vuln/detail/CVE-2016-5727
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-5727.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2016-5727
Published
2017-02-09T15:59:01Z
Modified
2025-01-08T10:03:53.876543Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

LogInOut.php in Simple Machines Forum (SMF) 2.1 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via vectors related to variables derived from user input in a foreach loop.

References

Affected packages

Git / github.com/simplemachines/smf

Affected ranges

Type
GIT
Repo
https://github.com/simplemachines/smf
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Fixed

Affected versions

2.*

2.1beta1

v2.*

v2.1-beta.1
v2.1-beta.2