CVE-2018-10305 – The MessageSearch2 function in PersonalMessage.php in Simple Machines Forum (SMF) before 2 …

0

Vuln ID: CVE-2018-10305

Published:  2018-04-24  02:29:00Z

Description: The MessageSearch2 function in PersonalMessage.php in Simple Machines Forum (SMF) before 2.0.15 does not properly use the possible_users variable in a query, which might allow attackers to bypass intended access restrictions.

Source: NVD.NIST.GOV