Vulnerabilities > Simple Machines > SMF > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2012-11-17 | CVE-2012-5903 | Cross-Site Scripting vulnerability in Simple Machines SMF 2.0.2 Cross-site scripting (XSS) vulnerability in Simple Machines Forum (SMF) 2.0.2 allows remote attackers to inject arbitrary web script or HTML via the scheduled parameter to index.php. | 4.3 |
| 2006-12-07 | CVE-2006-6375 | HTML Injection vulnerability in SMF Image File Cross-site scripting (XSS) vulnerability in display.php in Simple Machines Forum (SMF) 1.1 Final and earlier allows remote attackers to inject arbitrary web script or HTML via the contents of a file that is uploaded with the image parameter set, which can be interpreted as script by Internet Explorer's automatic type detection. network simple-machines | 6.8 |
| 2004-05-05 | CVE-2004-1996 | HTML Injection vulnerability in Simple Machines SMF 1.0Beta4.1/1.0Beta4P/1.0Beta5P Cross-site scripting (XSS) vulnerability in Simple Machines Forum (SMF) 1.0 allows remote attackers to inject arbitrary web script via the size tag. network simple-machines | 4.3 |