Vendor: Not provided
By: ThE dE@Th
CVSS: 7.5 (HIGH)
Vulnerability: Path Disclosure and Remote Code Execution
CWE: Not provided
Product Name: Not provided
Affected Version From: Not provided
Affected Version To: Not provided
Patch Exists: NO
Related CWE: Not provided
CPE: Not provided
Platforms Tested: Not provided
Date: 2007
SMF Path Disclosure and Remote Code Execution
The vulnerability allows an attacker to disclose the path of sensitive files on the server and to execute arbitrary code by injecting a shell command through the 'path_to_smf' parameter in two PHP files, 'logout.php' and 'get_session_vars.php'. It was discovered by ThE dE@Th of the AsB-MaY DiScOvEr ExPlIoTs Gr0uP.
Mitigation:
The vendor should sanitize user-supplied input in the 'path_to_smf' parameter to prevent command injection and the disclosure of sensitive information. Additionally, proper access controls and file permission settings can reduce the impact of this vulnerability.
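As an added illustration of the mitigation (this is not the advisory's or SMF's own code), assume the weakness is that a request parameter named path_to_smf is used directly to build the path of a file that the script then includes. The first function shows that assumed pattern; the second derives the path from a fixed deployment constant selected through an allowlist and verifies the resolved path stays under that root, and the error-reporting settings address the path-disclosure side by keeping absolute paths out of responses. SMF_ROOT, the install map and the function names are placeholders.

```php
<?php
// Added example, not code from the original advisory or from SMF.
// Assumed weak pattern: the include path is taken straight from the request.
function ssi_path_insecure(array $request): string
{
    $base = $request['path_to_smf'] ?? '.';
    // Whatever the caller supplied becomes the prefix of the included file.
    return $base . '/SSI.php';
}

// Hardened pattern: the path never comes from the request. If a deployment
// really needs to pick between installs, it selects from a fixed allowlist.
const SMF_ROOT = '/var/www/smf';              // placeholder install path
const SMF_INSTALLS = ['main' => SMF_ROOT];    // placeholder allowlist

function ssi_path_hardened(array $request): string
{
    $key  = $request['site'] ?? 'main';
    if (!array_key_exists($key, SMF_INSTALLS)) {
        // Unknown key: fail closed, and do not echo the key or any path back.
        throw new RuntimeException('unknown site');
    }
    $root   = realpath(SMF_INSTALLS[$key]);
    $target = realpath(SMF_INSTALLS[$key] . '/SSI.php');

    // Reject anything that resolved outside the configured root
    // (missing file, symlink escape, or '..' components).
    if ($root === false || $target === false
        || strpos($target, $root . DIRECTORY_SEPARATOR) !== 0) {
        throw new RuntimeException('SSI.php not available');
    }
    return $target;
}

// Path-disclosure side: a failed include or warning must not print the
// server's absolute paths to the client; log them server-side instead.
ini_set('display_errors', '0');
ini_set('log_errors', '1');

try {
    $ssi = ssi_path_hardened($_GET);
    require_once $ssi;
} catch (RuntimeException $e) {
    http_response_code(500);
    error_log('SSI load failed: ' . $e->getMessage());
    echo 'Internal error';
}
```

The allowlist keeps the request from ever naming a filesystem location, and the realpath check guards the constant itself against a misconfigured root; the error settings are what stop a failed include from revealing the install path.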