CVE-2013-4465

Unrestricted file upload vulnerability in the avatar upload functionality in Simple Machines Forum before 2.0.6 and 2.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:simplemachines:simple_machines_forum:*:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:1.0:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:1.0.6:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:1.0.7:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:1.0.8:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:1.0.9:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:1.0.10:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:1.0.12:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:1.0.13:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:1.0.14:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:1.0.15:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:1.0.16:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:1.0.17:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:1.0.18:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:1.0.19:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:1.0.20:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:1.0.21:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:1.0.22:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:1.0.23:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:1.1:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:1.1.2:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:1.1.3:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:1.1.4:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:1.1.5:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:1.1.6:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:1.1.7:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:1.1.8:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:1.1.9:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:1.1.10:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:1.1.11:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:1.1.12:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:1.1.13:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:1.1.14:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:1.1.15:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:1.1.16:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:1.1.17:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:2.0:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:simplemachines:simple_machines_forum:2.1:*:*:*:*:*:*:*

History

21 Nov 2024, 01:55

Type Values Removed Values Added
References () http://download.simplemachines.org/index.php?thanks%3Bfilename=smf_2-0-6_changelog.txt - () http://download.simplemachines.org/index.php?thanks%3Bfilename=smf_2-0-6_changelog.txt -
References () http://www.openwall.com/lists/oss-security/2013/10/23/6 - () http://www.openwall.com/lists/oss-security/2013/10/23/6 -
References () http://www.openwall.com/lists/oss-security/2013/10/25/3 - () http://www.openwall.com/lists/oss-security/2013/10/25/3 -
References () http://www.securityfocus.com/bid/63275 - () http://www.securityfocus.com/bid/63275 -
References () https://github.com/SimpleMachines/SMF2.1/issues/701 - () https://github.com/SimpleMachines/SMF2.1/issues/701 -

Information

Published : 2013-10-25 23:55

Updated : 2024-11-21 01:55


NVD link : CVE-2013-4465

Mitre link : CVE-2013-4465

CVE.ORG link : CVE-2013-4465


JSON object : View

Products Affected

simplemachines

  • simple_machines_forum