EIP-2026-112104
PRE-CVESimple Machine Forum 2.0.x < 2.0.4 - File Disclosure / Directory Traversal
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-112104. PoCs published by NightlyDev.
AI-analyzed exploit summary This exploit leverages a path traversal vulnerability in Simple Machines Forum (SMF) versions prior to 2.0.4. It allows an authenticated attacker with 'admin_forum' privileges to disclose arbitrary files by encoding the file path in base64 and appending it to the URL.
Description
Simple Machine Forum 2.0.x < 2.0.4 - File Disclosure / Directory Traversal
Exploits (1)
This exploit leverages a path traversal vulnerability in Simple Machines Forum (SMF) versions prior to 2.0.4. It allows an authenticated attacker with 'admin_forum' privileges to disclose arbitrary files by encoding the file path in base64 and appending it to the URL.