Vulnerabilities > Simplemachines > Simple Machines Forum > 1.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-05 | CVE-2022-26982 | Code Injection vulnerability in Simplemachines Simple Machines Forum SimpleMachinesForum 2.1.1 and earlier allows remote authenticated administrators to execute arbitrary code by inserting a vulnerable php code because the themes can be modified by an administrator. | 7.2 |
| 2020-02-12 | CVE-2013-4395 | Cross-site Scripting vulnerability in Simplemachines Simple Machines Forum Simple Machines Forum (SMF) through 2.0.5 has XSS | 6.1 |
| 2020-02-07 | CVE-2013-0192 | Information Exposure vulnerability in Simplemachines Simple Machines Forum File Disclosure in SMF (SimpleMachines Forum) <= 2.0.3: Forum admin can read files such as the database config. | 4.9 |
| 2020-01-22 | CVE-2019-12490 | Unspecified vulnerability in Simplemachines Simple Machines Forum An issue was discovered in Simple Machines Forum (SMF) before 2.0.16. | 6.5 |
| 2020-01-15 | CVE-2009-5068 | Cleartext Storage of Sensitive Information vulnerability in Simplemachines Simple Machines Forum There is a file disclosure vulnerability in SMF (Simple Machines Forum) affecting versions through v2.0.3. | 7.2 |
| 2018-04-24 | CVE-2018-10305 | Unspecified vulnerability in Simplemachines Simple Machines Forum The MessageSearch2 function in PersonalMessage.php in Simple Machines Forum (SMF) before 2.0.15 does not properly use the possible_users variable in a query, which might allow attackers to bypass intended access restrictions. | 9.8 |