Vulnerabilities > Simplemachines > Simple Machines Forum
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-09 | CVE-2016-5726 | Code Injection vulnerability in Simplemachines Simple Machines Forum 2.1 Packages.php in Simple Machines Forum (SMF) 2.1 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via the themechanges array parameter. | 7.5 |
| 2014-04-29 | CVE-2013-7236 | Improper Input Validation vulnerability in Simplemachines Simple Machines Forum Simple Machines Forum (SMF) 2.0.6, 1.1.19, and earlier allows remote attackers to impersonate arbitrary users via a Unicode homoglyph character in a username. | 7.5 |