Simple Machines Forum (SMF) 1-0-5 and earlier supports the use of URLs for avatar images, which allows remote attackers to monitor sensitive information of forum visitors such as IP address and user agent, as demonstrated using a PHP script on a malicious server.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2005-09-07T04:00:00

Updated: 2024-08-07T22:45:02.266Z

Reserved: 2005-09-07T00:00:00

Link: CVE-2005-2817

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2005-09-07T19:07:00.000

Modified: 2017-07-11T01:33:00.437

Link: CVE-2005-2817

cve-icon Redhat

No data.