Full Disclosure mailing list archives

Re: File Disclosure in SimpleMachines Forum <= 2.0.3

From: WHK Yan <yan.uniko.102 () gmail com>
Date: Thu, 10 Jan 2013 09:12:21 -0300

I am WHK, along with sdc simpleaudit did, I'm part of the staff of
simplemachines.
http://foro.elhacker.net/nivel_web/auditoria_de_seguridad_hacia_simple_machines_forum_20-t271199.0.html

security flaw that was never repaired, no CVE-ID, no one remembered, but the
fault is still.
The failure affected the RC version, this affects the stable version.

2013/1/8 mohammed sa <sa.attacker () gmail com>

Hi

this p0c old from 2009
http://www.exploit-db.com/exploits/10274

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Re: File Disclosure in SimpleMachines Forum <= 2.0.3 mohammed sa (Jan 10)
- Re: File Disclosure in SimpleMachines Forum <= 2.0.3 WHK Yan (Jan 10)