Submit #380189: SimpleMachines SMF 2.1.4 Insecure Direct Object Referenceinfo

TitleSimpleMachines SMF 2.1.4 Insecure Direct Object Reference
DescriptionSMF v2.1.4 suffers from IDOR - Broken Access Control Vulnerability allowing attackers to delete other user's alerts (horizontal privilege escalation).
Source⚠️ https://github.com/Fewword/Poc/blob/main/smf/smf-poc1.md
User
 Fewwords (UID 42682)
Submission07/25/2024 16:59 (2 years ago)
Moderation08/02/2024 23:22 (8 days later)
StatusAccepted
VulDB entry273522 [SimpleMachines SMF 2.1.4 Delete User aid resource injection]
Points15

PreviousOverviewNext

Do you need the next level of professionalism?

Upgrade your account now!