Unrated severityNVD Advisory· Published Jul 21, 2007· Updated Apr 23, 2026

CVE-2007-3942

Description

Directory traversal vulnerability in index.php in Simple Machines Forum (SMF) 1.1.3 allows remote attackers to include local files via unspecified vectors related to the sourcedir parameter or the actionArray hash. NOTE: CVE and multiple third parties dispute this vulnerability because both sourcedir and actionArray are defined before use

Affected products

Simple Machines/Simple Machines Forum
cpe:2.3:a:simple_machines:simple_machines_forum:1.1.3:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/archive/1/473866/100/0/threadednvd
www.securityfocus.com/archive/1/473991/100/0/threadednvd
www.securityfocus.com/archive/1/480572/100/0/threadednvd
exchange.xforce.ibmcloud.com/vulnerabilities/35451nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000