Vulnerabilities > CVE-2007-5943 - Configuration vulnerability in Simple Machines Simple Machines Forum 1.1.4

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

simple-machines

CWE-16

NVD

Published: 2007-11-14

Updated: 2018-10-15

Summary

Simple Machines Forum (SMF) 1.1.4 allows remote attackers to read a message in private forums by using the advanced search module with the "show results as messages" option, then searching for possible keywords contained in that message.

Vulnerable Configurations

Part	Description	Count
Application	Simple_Machines Simple Machines Simple Machines Forum 1.1.4	1

Common Weakness Enumeration (CWE)

CWE-16 - Configuration

References

http://www.securityfocus.com/archive/1/483437/100/0/threaded
http://www.securityfocus.com/bid/26508