{ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-5727", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "LogInOut.php in Simple Machines Forum (SMF) 2.1 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via vectors related to variables derived from user input in a foreach loop." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/SimpleMachines/SMF2.1/issues/3522", "refsource": "CONFIRM", "url": "https://github.com/SimpleMachines/SMF2.1/issues/3522" }, { "name": "https://github.com/SimpleMachines/SMF2.1/commit/19e560b9f3e8fc6d7d9d60c1ff617b5ed5c08008#diff-513c4f9c501cbefcc14420c01848f23c", "refsource": "CONFIRM", "url": "https://github.com/SimpleMachines/SMF2.1/commit/19e560b9f3e8fc6d7d9d60c1ff617b5ed5c08008#diff-513c4f9c501cbefcc14420c01848f23c" }, { "name": "[oss-security] 20160618 Re: Simple Machines Forums - PHP Object Injection", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2016/06/18/1" }, { "name": "[oss-security] 20160610 Simple Machines Forums - PHP Object Injection", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2016/06/10/7" } ] } }