Vulnerabilities > Simplemachines > Simple Machine Forum

DATE CVE VULNERABILITY TITLE RISK
2020-03-20 CVE-2019-11574 Server-Side Request Forgery (SSRF) vulnerability in Simplemachines Simple Machine Forum
An issue was discovered in Simple Machines Forum (SMF) before release 2.0.17.
network
low complexity
simplemachines CWE-918
7.5
2020-01-15 CVE-2005-4891 SQL Injection vulnerability in Simplemachines Simple Machine Forum
Simple Machine Forum (SMF) versions 1.0.4 and earlier have an SQL injection vulnerability that allows remote attackers to inject arbitrary SQL statements.
network
low complexity
simplemachines CWE-89
7.5