Is SMF vulnerable sofware?

Discussion in 'SMF' started by tym busku, Jul 20, 2018.

  1. tym busku

    tym busku Neophyte

    1
    1
    +1
    Hi ALL !
    It seems more people are being hacked by these Turk groups.

    When AAF was SMF right before the conversion to IP.Board, we were victim to the hacking. It didn't take a whole lot to recover from it but I do remember it was from the Turkish hackers.

    Could it be SMF in general? Is there security flaws in the software?

    Note: This isn't a bash to SMF, its an observation. Mature reponses requeste
     
  2. zappaDPJ

    zappaDPJ Administrator

    6,422
    1,342
    +4,835
    As far as I'm aware there no known vulnerabilities in the current version 2.0.15.
     
  3. Pete

    Pete Flavours of Forums Forever

    1,773
    227
    +607
    Correct, there are no known flaws in 2.0.15. We're talking 15 patches in 7 years - and not every single one of those was a security patch - 2.0.7/8 were mostly PHP 5.5+ compatibility changes, 2.0.14 was PHP 7+ compatibility.

    The reality of attacks on SMF is mostly due to poor security practice on hosting environments, and/or password reuse. When Avast got hacked in 2014, it was a bad password combined with the ability to edit the theme code directly from the admin panel that was exploited, not any actual vulnerability.

    Disclaimer: I have been on the SMF development team.
     
    • Like Like x 1
    • Agree Agree x 1
    • Informative! Informative! x 1
    • List
  4. Oldcrow

    Oldcrow Enthusiast

    248
    63
    +35
    I have been using SMF for quiet a few years now, I have no problems with the security on it..Good passwords help..and stay updated.

    Ron.
     
  5. Daniel

    Daniel Aspirant

    11
    8
    +7
    When it comes down to it, I think just about any of the options you go with could potentially be vulnerable if a hacker was determined enough to try and find an exploit. However, I did find it interesting to read this thread seeing as I just put together a new community of my own using SMF and was a bit concerned until I read through the rest of the post :)
     
Verification:
Draft saved Draft deleted
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.