Vulnerabilities > CVE-2007-0399 - Unspecified vulnerability in Simple Machines Simple Machines Forum 1.1Rc3

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

simple-machines

exploit available

NVD

Published: 2007-01-22

Updated: 2024-11-21

Summary

Multiple cross-site scripting (XSS) vulnerabilities in index.php in Simple Machines Forum (SMF) 1.1 RC3 allow remote authenticated users to inject arbitrary web script or HTML via the (1) recipient or (2) BCC field when selecting send in a pm action.

Vulnerable Configurations

Part	Description	Count
Application	Simple_Machines Simple Machines Simple Machines Forum 1.1_Rc3	1

Exploit-Db

description	SMF 1.1 Index.PHP HTML Injection Vulnerability. CVE-2007-0399. Webapps exploit for php platform
id	EDB-ID:29499
last seen	2016-02-03
modified	2007-01-20
published	2007-01-20
reporter	Aria-Security Team
source	https://www.exploit-db.com/download/29499/
title	SMF 1.1 Index.PHP HTML Injection Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References