Full title: SMF 2.0.x Remote Code Execution 0day Exploit 
Category: web applications
Platform: php
When used in conjunction, multiple vulnerabilities within SMF 2.0.x allow a remote attacker with the ability to create a basic user account to execute arbitrary code with the privileges of the application.

# 0day.today @ http://0day.today/