Vulnonym.org

CVE-2008-2769 - Mercian Cycles

Description

PHP remote file inclusion vulnerability in authentication/smf/smf.functions.php in Simple Machines phpRaider 1.0.6 and 1.0.7 allows remote attackers to execute arbitrary PHP code via a URL in the pConfig_auth[smf_path] parameter.

Reference

http://forums.phpraider.com/showthread.php?t=1087#v1_0_7b_-_May_29__2008 http://securityreason.com/securityalert/3947 https://exchange.xforce.ibmcloud.com/vulnerabilities/42996 http://www.securityfocus.com/archive/1/493275/100/0/threaded