Vulnerabilities > Simplemachines

DATE	CVE	VULNERABILITY TITLE	RISK
2011-06-21	CVE-2011-1127	Permissions, Privileges, and Access Controls vulnerability in Simplemachines SMF SSI.php in Simple Machines Forum (SMF) before 1.1.13, and 2.x before 2.0 RC5, does not properly restrict guest access, which allows remote attackers to have an unspecified impact via unknown vectors. network low complexity simplemachines CWE-264 critical	10.0
2009-08-13	CVE-2008-6971	Credentials Management vulnerability in Simplemachines SMF The password reset functionality in Simple Machines Forum (SMF) 1.0.x before 1.0.14, 1.1.x before 1.1.6, and 2.0 before 2.0 beta 4 includes clues about the random number generator state within a hidden form field and generates predictable validation codes, which allows remote attackers to modify passwords of other users and gain privileges. network low complexity simplemachines CWE-255	7.5
2006-09-06	CVE-2006-4564	SQL Injection vulnerability in Simplemachines SMF 1.1 SQL injection vulnerability in Sources/ManageBoards.php in Simple Machines Forum 1.1 RC3 allows remote attackers to execute arbitrary SQL commands via the cur_cat parameter. network high complexity simplemachines CWE-89	5.1

Vulnerabilities > Simplemachines {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Simplemachines"}]}