Attack vector NETWORK
Attack complexity LOW
Privileges required NONE
Confidentiality impact PARTIAL
Integrity impact PARTIAL
Availability impact PARTIAL
** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in Simple Machines Forum (SMF) 1.1.4 allow remote attackers to execute arbitrary PHP code via a URL in the (1) settings[default_theme_dir] parameter to Sources/Subs-Graphics.php and (2) settings[default_theme_dir] parameter to Sources/Themes.php. NOTE: CVE and multiple third parties dispute this issue because the files contain a protection mechanism against direct request.
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Leverage Executable Code in Non-Executable Files
- Manipulating User-Controlled Variables
This attack targets user controlled variables (DEBUG=1, PHP Globals, and So Forth). An attacker can override environment variables leveraging user-supplied, untrusted query variables directly used on the application server without any data sanitization. In extreme cases, the attacker can change variables controlling the business logic of the application. For instance, in languages like PHP, a number of poorly set default configurations may allow the user to override variables.
|description||Simple Machines Forum 1.1.4 Multiple Remote File Include Vulnerabilities. CVE-2008-6544. Webapps exploit for php platform|
|title||Simple Machines Forum <= 1.1.4 - Multiple Remote File Include Vulnerabilities|