ID de Prueba:	1.3.6.1.4.1.25623.1.0.100371
Categoría:	Web application abuses
Título:	Simple Machines Forum Multiple Security Vulnerabilities
Resumen:	Simple Machines Forum is prone to multiple security vulnerabilities:;; - A remote PHP code-execution vulnerability;; - Multiple cross-site scripting vulnerabilities;; - Multiple cross-site request-forgery vulnerabilities;; - An information disclosure vulnerability;; - Multiple denial-of-service vulnerabilities.
Descripción:	Summary: Simple Machines Forum is prone to multiple security vulnerabilities: - A remote PHP code-execution vulnerability - Multiple cross-site scripting vulnerabilities - Multiple cross-site request-forgery vulnerabilities - An information disclosure vulnerability - Multiple denial-of-service vulnerabilities. Vulnerability Impact: Attackers can exploit these issues to execute arbitrary script code within the context of the webserver, perform unauthorized actions on behalf of legitimate users, compromise the affected application, steal cookie-based authentication credentials, obtain information that could aid in further attacks or cause denial-of-service conditions. Affected Software/OS: These issues affect Simple Machines Forum 2.0 RC2. Some of these issues also affect version 1.1.10. Solution: Reportedly, the vendor fixed some of the issues in the release 1.1.11. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Copyright	Copyright (C) 2009 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.