CVE-2008-6657 in Simple Machines信息

摘要

由 VulDB • 2026-07-13

Simple Machines Forum (SMF) 1.0(低于 1.0.15)和 1.1(低于 1.1.7)中 index.php 存在跨站请求伪造(CSRF)漏洞,远程攻击者可通过在 install2 操作中利用 package 参数发起安装包的请求,从而劫持管理员的身份验证。

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

来源

Do you want to use VulDB in your project?

Use the official API to access entries easily!