Vulnerabilities > Simplemachines

DATE CVE VULNERABILITY TITLE RISK
2025-03-21 CVE-2025-2582 Code Injection vulnerability in Simplemachines Simple Machines Forum 2.1.4
A vulnerability was found in SimpleMachines SMF 2.1.4 and classified as problematic.
network
low complexity
simplemachines CWE-94
5.4
2025-03-21 CVE-2025-2583 Code Injection vulnerability in Simplemachines Simple Machines Forum 2.1.4
A vulnerability was found in SimpleMachines SMF 2.1.4.
network
low complexity
simplemachines CWE-94
6.1
2024-08-03 CVE-2024-7438 Authorization Bypass Through User-Controlled Key vulnerability in Simplemachines Simple Machines Forum 2.1.4
A vulnerability has been found in SimpleMachines SMF 2.1.4 and classified as problematic.
network
low complexity
simplemachines CWE-639
4.3
2024-08-03 CVE-2024-7437 Authorization Bypass Through User-Controlled Key vulnerability in Simplemachines Simple Machines Forum 2.1.4
A vulnerability, which was classified as critical, was found in SimpleMachines SMF 2.1.4.
network
low complexity
simplemachines CWE-639
4.3
2022-04-05 CVE-2022-26982 Code Injection vulnerability in Simplemachines Simple Machines Forum
SimpleMachinesForum 2.1.1 and earlier allows remote authenticated administrators to execute arbitrary code by inserting a vulnerable php code because the themes can be modified by an administrator.
network
low complexity
simplemachines CWE-94
7.2
2020-03-20 CVE-2019-11574 Server-Side Request Forgery (SSRF) vulnerability in Simplemachines Simple Machine Forum
An issue was discovered in Simple Machines Forum (SMF) before release 2.0.17.
network
low complexity
simplemachines CWE-918
critical
9.8
2020-02-12 CVE-2013-4395 Cross-site Scripting vulnerability in Simplemachines Simple Machines Forum
Simple Machines Forum (SMF) through 2.0.5 has XSS
network
low complexity
simplemachines CWE-79
6.1
2020-02-07 CVE-2013-0192 Information Exposure vulnerability in Simplemachines Simple Machines Forum
File Disclosure in SMF (SimpleMachines Forum) <= 2.0.3: Forum admin can read files such as the database config.
network
low complexity
simplemachines CWE-200
4.9
2020-01-22 CVE-2019-12490 Unspecified vulnerability in Simplemachines Simple Machines Forum
An issue was discovered in Simple Machines Forum (SMF) before 2.0.16.
network
low complexity
simplemachines
6.5
2020-01-15 CVE-2009-5068 Cleartext Storage of Sensitive Information vulnerability in Simplemachines Simple Machines Forum
There is a file disclosure vulnerability in SMF (Simple Machines Forum) affecting versions through v2.0.3.
network
low complexity
simplemachines CWE-312
7.2