CVE-2004-1996

Simple Machines Forum 1.0 - Cross-Site Scripting via Size Tag

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-1996. PoCs published by Cheng Peng Su.

AI-analyzed exploit summary This is a writeup describing an HTML injection vulnerability in Simple Machines Forum (SMF) that allows arbitrary script execution via the font size attribute. The exploit leverages the 'expression' CSS function to bypass input filtering and steal cookies.

Description

Cross-site scripting (XSS) vulnerability in Simple Machines Forum (SMF) 1.0 allows remote attackers to inject arbitrary web script via the size tag.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Cheng Peng Su · textwebappsphp

https://www.exploit-db.com/exploits/24082

View Code ZIP pw:eip

This is a writeup describing an HTML injection vulnerability in Simple Machines Forum (SMF) that allows arbitrary script execution via the font size attribute. The exploit leverages the 'expression' CSS function to bypass input filtering and steal cookies.

Classification

Writeup 90%

Attack Type

Xss

Complexity

Trivial

Reliability

Reliable

Target: Simple Machines Forum (SMF)

No auth needed

Prerequisites: Access to post content on the forum · Victim interaction to view the malicious post

MITRE ATT&CK

T1059.007 - JavaScript

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=108377364615934&w=2

Exploit, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/10281

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/16067

Scores

EPSS 0.0173

EPSS Percentile 74.7%

Details

Status published

Products (3)

simple_machines/smf 1.0_beta4.1

simple_machines/smf 1.0_beta4p

simple_machines/smf 1.0_beta5p

Published May 05, 2004

Tracked Since Feb 18, 2026