CVE-2007-3942
First published: Sat Jul 21 2007(Updated: )
** DISPUTED ** Directory traversal vulnerability in index.php in Simple Machines Forum (SMF) 1.1.3 allows remote attackers to include local files via unspecified vectors related to the sourcedir parameter or the actionArray hash. NOTE: CVE and multiple third parties dispute this vulnerability because both sourcedir and actionArray are defined before use.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Simple Machines Forum | =1.1.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2007-3942?
The severity of CVE-2007-3942 is disputed, and specific impact assessments vary among sources.
How do I fix CVE-2007-3942?
To fix CVE-2007-3942, it is recommended to upgrade to a newer version of Simple Machines Forum that addresses this vulnerability.
What versions of Simple Machines Forum are affected by CVE-2007-3942?
CVE-2007-3942 affects Simple Machines Forum version 1.1.3.
What type of vulnerability is CVE-2007-3942?
CVE-2007-3942 is a directory traversal vulnerability that allows remote attackers to include local files.
What is the potential impact of CVE-2007-3942?
The potential impact of CVE-2007-3942 includes unauthorized access to files on the server.
- agent/references
- agent/author
- agent/type
- agent/severity
- agent/weakness
- agent/status
- agent/softwarecombine
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/first-publish-date
- agent/event
- agent/last-modified-date
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-index
- collector/nvd-historical
- vendor/simple machines
- canonical/simple machines forum
- version/simple machines forum/1.1.3
- status/disputed