Vulnerabilities > Simplemachines > Simple Machines Forum > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-08-03 CVE-2024-7438 Authorization Bypass Through User-Controlled Key vulnerability in Simplemachines Simple Machines Forum 2.1.4
A vulnerability has been found in SimpleMachines SMF 2.1.4 and classified as problematic.
network
low complexity
simplemachines CWE-639
4.3
4.3
2024-08-03 CVE-2024-7437 Authorization Bypass Through User-Controlled Key vulnerability in Simplemachines Simple Machines Forum 2.1.4
A vulnerability, which was classified as critical, was found in SimpleMachines SMF 2.1.4.
network
low complexity
simplemachines CWE-639
4.3
4.3
2020-02-12 CVE-2013-4395 Cross-site Scripting vulnerability in Simplemachines Simple Machines Forum
Simple Machines Forum (SMF) through 2.0.5 has XSS
network
low complexity
simplemachines CWE-79
6.1
6.1
2020-02-07 CVE-2013-0192 Information Exposure vulnerability in Simplemachines Simple Machines Forum
File Disclosure in SMF (SimpleMachines Forum) <= 2.0.3: Forum admin can read files such as the database config.
network
low complexity
simplemachines CWE-200
4.9
4.9
2020-01-22 CVE-2019-12490 Unspecified vulnerability in Simplemachines Simple Machines Forum
An issue was discovered in Simple Machines Forum (SMF) before 2.0.16.
network
low complexity
simplemachines
6.5
6.5
2019-03-07 CVE-2013-7467 Cross-site Scripting vulnerability in Simplemachines Simple Machines Forum 2.0.4
Simple Machines Forum (SMF) 2.0.4 allows XSS via the index.php?action=pm;sa=settings;save sa parameter.
network
low complexity
simplemachines CWE-79
6.1
6.1