CVE-2007-2546
Simple Machines Forum <1.1.2 - Info Disclosure
Title source: llmDescription
Session fixation vulnerability in Simple Machines Forum (SMF) 1.1.2 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter.
References (7)
Scores
EPSS
0.0145
EPSS Percentile
80.6%
Classification
CWE
CWE-287
Status
draft
Affected Products (1)
simple_machines/simple_machines_forum
< 1.1.2
Timeline
Published
May 09, 2007
Tracked Since
Feb 18, 2026