Vulnerabilities > Simplemachines > Simple Machines Forum > 2.1

DATE	CVE	VULNERABILITY TITLE	RISK
2022-04-05	CVE-2022-26982	Code Injection vulnerability in Simplemachines Simple Machines Forum SimpleMachinesForum 2.1.1 and earlier allows remote authenticated administrators to execute arbitrary code by inserting a vulnerable php code because the themes can be modified by an administrator. network low complexity simplemachines CWE-94	7.2
2017-02-09	CVE-2016-5727	Code Injection vulnerability in Simplemachines Simple Machines Forum 2.1 LogInOut.php in Simple Machines Forum (SMF) 2.1 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via vectors related to variables derived from user input in a foreach loop. network low complexity simplemachines CWE-94	8.8
2017-02-09	CVE-2016-5726	Code Injection vulnerability in Simplemachines Simple Machines Forum 2.1 Packages.php in Simple Machines Forum (SMF) 2.1 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via the themechanges array parameter. network low complexity simplemachines CWE-94 critical	9.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.