Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
simple machines smf 1.1.4 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-2019
Simple Machines Forum (SMF), probably 1.1.4, relies on "randomly generated static" to hinder brute-force attacks on the WAV file (aka audio) CAPTCHA, which allows remote malicious users to pass the CAPTCHA test via an automated attack that considers Hamming distances. N...
Simple Machines Smf 1.1.4
4.3
CVSSv2
CVE-2008-0284
Cross-site scripting (XSS) vulnerability in Simple Machines Forum (SMF) 1.1.4 and previous versions allows remote malicious users to inject arbitrary web script or HTML via (1) Itemid or (2) topic arguments.
Simple Machines Simple Machines Smf
7.5
CVSSv2
CVE-2008-6741
SQL injection vulnerability in Load.php in Simple Machines Forum (SMF) 1.1.4 and previous versions allows remote malicious users to execute arbitrary SQL commands by setting the db_character_set parameter to a multibyte character set such as big5, which causes the addslashes PHP ...
Simple Machines Simple Machines Forum 1.0.11
Simple Machines Simple Machines Forum
Simple Machines Simple Machines Forum 1.1
Simple Machines Simple Machines Forum 1.0.5
Simple Machines Simple Machines Forum 1.0.12
Simple Machines Simple Machines Forum 1.1.3
Simple Machines Simple Machines Forum 1.1.1
Simple Machines Simple Machines Forum 1.0.6
Simple Machines Simple Machines Forum 1.0.7
Simple Machines Simple Machines Forum 1.1.2
1 EDB exploit
7.5
CVSSv2
CVE-2008-6544
Multiple PHP remote file inclusion vulnerabilities in Simple Machines Forum (SMF) 1.1.4 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) settings[default_theme_dir] parameter to Sources/Subs-Graphics.php and (2) settings[default_theme_dir] parameter...
Simple Machines Simple Machines Forum 1.1.4
1 EDB exploit
6.8
CVSSv2
CVE-2008-6657
Cross-site request forgery (CSRF) vulnerability in index.php in Simple Machines Forum (SMF) 1.0 prior to 1.0.15 and 1.1 prior to 1.1.7 allows remote malicious users to hijack the authentication of admins for requests that install packages via the package parameter in an install2 ...
Simple Machines Simple Machines Forum 1.0.5
Simple Machines Simple Machines Forum 1.0.12
Simple Machines Simple Machines Forum 1.1.3
Simple Machines Simple Machines Forum 1.1.4
Simple Machines Simple Machines Forum 1.1 Rc1
Simple Machines Simple Machines Forum 1.1 Rc2
Simple Machines Simple Machines Forum 1.1.1
Simple Machines Simple Machines Forum 1.0.11
Simple Machines Simple Machines Forum 1.1 Rc3
Simple Machines Simple Machines Forum 1.1.2
Simple Machines Simple Machines Forum 1.0.6
Simple Machines Simple Machines Forum 1.0.7
Simple Machines Simple Machines Forum 1.1.5
Simple Machines Simple Machines Forum 1.1.6
1 EDB exploit
4
CVSSv2
CVE-2008-6658
Directory traversal vulnerability in index.php in Simple Machines Forum (SMF) 1.0 prior to 1.0.15 and 1.1 prior to 1.1.7 allows remote authenticated administrators to install packages from arbitrary directories via a .. (dot dot) in the package parameter during an install2 action...
Simple Machines Simple Machines Forum 1.1 Rc1
Simple Machines Simple Machines Forum 1.1 Rc2
Simple Machines Simple Machines Forum 1.0.5
Simple Machines Simple Machines Forum 1.0.12
Simple Machines Simple Machines Forum 1.1.3
Simple Machines Simple Machines Forum 1.1.4
Simple Machines Simple Machines Forum 1.1.5
Simple Machines Simple Machines Forum 1.0.6
Simple Machines Simple Machines Forum 1.0.7
Simple Machines Simple Machines Forum 1.1.6
Simple Machines Simple Machines Forum 1.1.1
Simple Machines Simple Machines Forum 1.0.11
Simple Machines Simple Machines Forum 1.1 Rc3
Simple Machines Simple Machines Forum 1.1.2
1 EDB exploit
5.5
CVSSv2
CVE-2008-6659
Directory traversal vulnerability in index.php in Simple Machines Forum (SMF) 1.0 prior to 1.0.15 and 1.1 prior to 1.1.7 allows remote authenticated users to configure arbitrary local files for execution via directory traversal sequences in the value of the theme_dir field during...
Simple Machines Simple Machines Forum 1.1 Rc2
Simple Machines Simple Machines Forum 1.1 Rc3
Simple Machines Simple Machines Forum 1.0.5
Simple Machines Simple Machines Forum 1.0.12
Simple Machines Simple Machines Forum 1.1.4
Simple Machines Simple Machines Forum 1.1.5
Simple Machines Simple Machines Forum 1.0.6
Simple Machines Simple Machines Forum 1.0.7
Simple Machines Simple Machines Forum 1.1 Rc1
Simple Machines Simple Machines Forum 1.1.6
Simple Machines Simple Machines Forum 1.1.1
Simple Machines Simple Machines Forum 1.0.11
Simple Machines Simple Machines Forum 1.1.2
Simple Machines Simple Machines Forum 1.1.3
1 EDB exploit
5
CVSSv2
CVE-2007-5943
Simple Machines Forum (SMF) 1.1.4 allows remote malicious users to read a message in private forums by using the advanced search module with the "show results as messages" option, then searching for possible keywords contained in that message.
Simple Machines Simple Machines Forum 1.1.4
7.5
CVSSv2
CVE-2008-6971
The password reset functionality in Simple Machines Forum (SMF) 1.0.x prior to 1.0.14, 1.1.x prior to 1.1.6, and 2.0 prior to 2.0 beta 4 includes clues about the random number generator state within a hidden form field and generates predictable validation codes, which allows remo...
Simplemachines Smf 2.0-beta3
Simplemachines Smf 2.0
Simplemachines Smf 1.1.5
Simplemachines Smf 1.1.4
Simplemachines Smf 2.0-beta2
Simplemachines Smf 1.0.13
Simplemachines Smf 1.0.12
1 EDB exploit
7.5
CVSSv2
CVE-2013-7236
Simple Machines Forum (SMF) 2.0.6, 1.1.19, and previous versions allows remote malicious users to impersonate arbitrary users via a Unicode homoglyph character in a username.
Simplemachines Simple Machines Forum 1.1.4
Simplemachines Simple Machines Forum 1.1.3
Simplemachines Simple Machines Forum 1.1.2
Simplemachines Simple Machines Forum 1.1.17
Simplemachines Simple Machines Forum 1.1
Simplemachines Simple Machines Forum 1.0.9
Simplemachines Simple Machines Forum 1.0.18
Simplemachines Simple Machines Forum 1.0.17
Simplemachines Simple Machines Forum 1.0.16
Simplemachines Simple Machines Forum 1.0.15
Simplemachines Simple Machines Forum 1.0.14
Simplemachines Simple Machines Forum 1.1.7
Simplemachines Simple Machines Forum 1.1.5
Simplemachines Simple Machines Forum 1.1.16
Simplemachines Simple Machines Forum 1.1.14
Simplemachines Simple Machines Forum 1.0.7
Simplemachines Simple Machines Forum 1.0.5
Simplemachines Simple Machines Forum 1.0.21
Simplemachines Simple Machines Forum 1.0.2
Simplemachines Simple Machines Forum 1.0.13
Simplemachines Simple Machines Forum 1.0.10
Simplemachines Simple Machines Forum 1.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »