EIP-2026-112116

PRE-CVE

Simple Machines Forum (SMF) 2.0 - Session Hijacking

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-112116. PoCs published by seth.

AI-analyzed exploit summary: This exploit demonstrates a session hijacking vulnerability in Simple Machines Forum (SMF) 2.0 by leaking the session token via the Referer header when a victim views a crafted image. The PoC then uses the stolen token to escalate privileges to admin.

Description

Simple Machines Forum (SMF) 2.0 - Session Hijacking

Exploits (1)

exploitdb WORKING POC
by seth · text · webapps · php
https://www.exploit-db.com/exploits/17637


Classification: Working PoC 95%
Attack Type: Auth Bypass
Complexity: Moderate
Reliability: Reliable
Target: Simple Machines Forum (SMF) 2.0
Auth required
Prerequisites: Victim must be a moderator or have access to moderation features · Attacker must be able to insert malicious image via BBCode
devstral-2 · analyzed Feb 18, 2026

Details

Status: pre_cve
Tracked Since: Feb 18, 2026