Vulnerabilities > Simplemachines

DATE	CVE	VULNERABILITY TITLE	RISK
2024-08-03	CVE-2024-7438	Authorization Bypass Through User-Controlled Key vulnerability in Simplemachines Simple Machines Forum 2.1.4 A vulnerability has been found in SimpleMachines SMF 2.1.4 and classified as problematic. network low complexity simplemachines CWE-639	4.3
2024-08-03	CVE-2024-7437	Authorization Bypass Through User-Controlled Key vulnerability in Simplemachines Simple Machines Forum 2.1.4 A vulnerability, which was classified as critical, was found in SimpleMachines SMF 2.1.4. network low complexity simplemachines CWE-639	4.3
2022-04-05	CVE-2022-26982	Code Injection vulnerability in Simplemachines Simple Machines Forum SimpleMachinesForum 2.1.1 and earlier allows remote authenticated administrators to execute arbitrary code by inserting a vulnerable php code because the themes can be modified by an administrator. network low complexity simplemachines CWE-94	7.2
2020-03-20	CVE-2019-11574	Server-Side Request Forgery (SSRF) vulnerability in Simplemachines Simple Machine Forum An issue was discovered in Simple Machines Forum (SMF) before release 2.0.17. network low complexity simplemachines CWE-918 critical	9.8
2020-02-12	CVE-2013-4395	Cross-site Scripting vulnerability in Simplemachines Simple Machines Forum Simple Machines Forum (SMF) through 2.0.5 has XSS network low complexity simplemachines CWE-79	6.1
2020-02-07	CVE-2013-0192	Information Exposure vulnerability in Simplemachines Simple Machines Forum File Disclosure in SMF (SimpleMachines Forum) <= 2.0.3: Forum admin can read files such as the database config. network low complexity simplemachines CWE-200	4.9
2020-01-22	CVE-2019-12490	Unspecified vulnerability in Simplemachines Simple Machines Forum An issue was discovered in Simple Machines Forum (SMF) before 2.0.16. network low complexity simplemachines	6.5
2020-01-15	CVE-2009-5068	Cleartext Storage of Sensitive Information vulnerability in Simplemachines Simple Machines Forum There is a file disclosure vulnerability in SMF (Simple Machines Forum) affecting versions through v2.0.3. network low complexity simplemachines CWE-312	7.2
2020-01-15	CVE-2005-4891	SQL Injection vulnerability in Simplemachines Simple Machine Forum Simple Machine Forum (SMF) versions 1.0.4 and earlier have an SQL injection vulnerability that allows remote attackers to inject arbitrary SQL statements. network low complexity simplemachines CWE-89 critical	9.8
2019-03-07	CVE-2013-7468	Code Injection vulnerability in Simplemachines Simple Machines Forum 2.0.4 Simple Machines Forum (SMF) 2.0.4 allows PHP Code Injection via the index.php?action=admin;area=languages;sa=editlang dictionary parameter. network high complexity simplemachines CWE-94	8.1

Vulnerabilities > Simplemachines {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Simplemachines"}]}

Vulnerabilities > Simplemachines