Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
simplemachines simple machines forum 2.0 vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2009-5068
There is a file disclosure vulnerability in SMF (Simple Machines Forum) affecting versions through v2.0.3. On some configurations a SMF deployment is shared by several "co-admins" that are not trusted beyond the SMF deployment. This vulnerability allows them to read arb...
Simplemachines Simple Machines Forum
1 EDB exploit
4.9
CVSSv3
CVE-2013-0192
File Disclosure in SMF (SimpleMachines Forum) <= 2.0.3: Forum admin can read files such as the database config.
Simplemachines Simple Machines Forum
1 EDB exploit
NA
CVE-2013-7234
Simple Machines Forum (SMF) prior to 1.1.19 and 2.x prior to 2.0.6 allows remote malicious users to conduct clickjacking attacks via an X-Frame-Options header.
Simplemachines Simple Machines Forum 1.0.15
Simplemachines Simple Machines Forum 1.1
Simplemachines Simple Machines Forum 1.1.6
Simplemachines Simple Machines Forum 1.1.15
Simplemachines Simple Machines Forum 1.1.8
Simplemachines Simple Machines Forum 1.1.5
Simplemachines Simple Machines Forum 2.0
Simplemachines Simple Machines Forum 1.1.11
Simplemachines Simple Machines Forum 1.1.14
Simplemachines Simple Machines Forum 1.0.14
Simplemachines Simple Machines Forum 1.0.8
Simplemachines Simple Machines Forum 1.0
Simplemachines Simple Machines Forum 1.1.16
Simplemachines Simple Machines Forum 1.1.1
Simplemachines Simple Machines Forum
Simplemachines Simple Machines Forum 1.0.2
Simplemachines Simple Machines Forum 1.0.12
Simplemachines Simple Machines Forum 1.0.16
Simplemachines Simple Machines Forum 2.0.4
Simplemachines Simple Machines Forum 1.0.9
Simplemachines Simple Machines Forum 1.0.23
Simplemachines Simple Machines Forum 1.0.21
NA
CVE-2013-7235
Simple Machines Forum (SMF) prior to 1.1.19 and 2.x prior to 2.0.6 allows remote malicious users to impersonate arbitrary users via multiple space characters characters.
Simplemachines Simple Machines Forum 1.0.15
Simplemachines Simple Machines Forum 1.1
Simplemachines Simple Machines Forum 1.1.6
Simplemachines Simple Machines Forum 1.1.15
Simplemachines Simple Machines Forum 1.1.8
Simplemachines Simple Machines Forum 1.1.5
Simplemachines Simple Machines Forum 2.0
Simplemachines Simple Machines Forum 1.1.11
Simplemachines Simple Machines Forum 1.1.14
Simplemachines Simple Machines Forum 1.0.14
Simplemachines Simple Machines Forum 1.0.8
Simplemachines Simple Machines Forum 1.0
Simplemachines Simple Machines Forum 1.1.16
Simplemachines Simple Machines Forum 1.1.1
Simplemachines Simple Machines Forum
Simplemachines Simple Machines Forum 1.0.2
Simplemachines Simple Machines Forum 1.0.12
Simplemachines Simple Machines Forum 1.0.16
Simplemachines Simple Machines Forum 2.0.4
Simplemachines Simple Machines Forum 1.0.9
Simplemachines Simple Machines Forum 1.0.23
Simplemachines Simple Machines Forum 1.0.21
NA
CVE-2013-4465
Unrestricted file upload vulnerability in the avatar upload functionality in Simple Machines Forum prior to 2.0.6 and 2.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the fi...
Simplemachines Simple Machines Forum 1.0.15
Simplemachines Simple Machines Forum 1.1.6
Simplemachines Simple Machines Forum 1.1.15
Simplemachines Simple Machines Forum 1.1.8
Simplemachines Simple Machines Forum 1.1.5
Simplemachines Simple Machines Forum 1.1.11
Simplemachines Simple Machines Forum 1.1.14
Simplemachines Simple Machines Forum 1.0.14
Simplemachines Simple Machines Forum 1.0.8
Simplemachines Simple Machines Forum 1.1.16
Simplemachines Simple Machines Forum 1.1.1
Simplemachines Simple Machines Forum 1.0.2
Simplemachines Simple Machines Forum 1.0.12
Simplemachines Simple Machines Forum 1.0.16
Simplemachines Simple Machines Forum 2.0.4
Simplemachines Simple Machines Forum 1.0
Simplemachines Simple Machines Forum 1.0.9
Simplemachines Simple Machines Forum 1.0.23
Simplemachines Simple Machines Forum 1.0.21
Simplemachines Simple Machines Forum 1.0.6
Simplemachines Simple Machines Forum 2.1
Simplemachines Simple Machines Forum 2.0.2
NA
CVE-2011-4173
Cross-site request forgery (CSRF) vulnerability in Simple Machines Forum (SMF) 2.x prior to 2.0.1 allows remote malicious users to hijack the authentication of administrators or moderators via vectors involving image files, a different vulnerability than CVE-2011-3615. NOTE: some...
Simplemachines Smf 2.0
NA
CVE-2011-3615
Multiple SQL injection vulnerabilities in Simple Machines Forum (SMF) prior to 1.1.15 and 2.x prior to 2.0.1 allow remote malicious users to execute arbitrary SQL commands via vectors involving a (1) HTML entity or (2) display name. NOTE: some of these details are obtained from t...
Simplemachines Smf 1.1.5
Simplemachines Smf 1.0
Simplemachines Smf 1.1
Simplemachines Smf 1.0.2
Simplemachines Smf 1.0.3
Simplemachines Smf 1.0.8
Simplemachines Smf 1.0.9
Simplemachines Smf 1.1.9
Simplemachines Smf 1.0.10
Simplemachines Smf 1.1.1
Simplemachines Smf 1.1.2
Simplemachines Smf 1.0.17
Simplemachines Smf 1.0.1
Simplemachines Smf 1.1.12
Simplemachines Smf 1.1.11
Simplemachines Smf 1.1.13
Simplemachines Smf 1.1.3
Simplemachines Smf 1.1.4
Simplemachines Smf 1.0.13
Simplemachines Smf 1.0.12
Simplemachines Smf 1.0.4
Simplemachines Smf 1.0.5
NA
CVE-2011-1127
SSI.php in Simple Machines Forum (SMF) prior to 1.1.13, and 2.x prior to 2.0 RC5, does not properly restrict guest access, which allows remote malicious users to have an unspecified impact via unknown vectors.
Simplemachines Smf 1.1
Simplemachines Smf 1.1.11
Simplemachines Smf 1.1.10
Simplemachines Smf 1.0
Simplemachines Smf 1.0.15
Simplemachines Smf 1.0.20
Simplemachines Smf 1.0.21
Simplemachines Smf 1.1.9
Simplemachines Smf 1.1.4
Simplemachines Smf 1.0.12
Simplemachines Smf 1.0.13
Simplemachines Smf 1.0.5
Simplemachines Smf 1.0.4
Simplemachines Smf 1.0.3
Simplemachines Smf 1.0.2
Simplemachines Smf 1.1.5
Simplemachines Smf 1.1.8
Simplemachines Smf 1.0.10
Simplemachines Smf
Simplemachines Smf 1.0.9
Simplemachines Smf 1.0.7
Simplemachines Smf 1.0.17
NA
CVE-2011-1128
The loadUserSettings function in Load.php in Simple Machines Forum (SMF) prior to 1.1.13, and 2.x prior to 2.0 RC5, does not properly handle invalid login attempts, which might make it easier for remote malicious users to obtain access or cause a denial of service via a brute-for...
Simplemachines Smf 1.0
Simplemachines Smf 1.1.9
Simplemachines Smf 1.1.4
Simplemachines Smf 1.0.12
Simplemachines Smf 1.0.13
Simplemachines Smf 1.0.10
Simplemachines Smf 1.0.5
Simplemachines Smf 1.0.4
Simplemachines Smf 1.0.3
Simplemachines Smf 1.0.2
Simplemachines Smf 1.1
Simplemachines Smf 1.1.11
Simplemachines Smf 1.1.10
Simplemachines Smf 1.0.15
Simplemachines Smf 1.0.16
Simplemachines Smf 1.0.21
Simplemachines Smf 1.1.5
Simplemachines Smf 1.1.8
Simplemachines Smf
Simplemachines Smf 1.0.9
Simplemachines Smf 1.0.7
Simplemachines Smf 1.0.17
NA
CVE-2011-1129
Cross-site scripting (XSS) vulnerability in the EditNews function in ManageNews.php in Simple Machines Forum (SMF) prior to 1.1.13, and 2.x prior to 2.0 RC5, might allow remote authenticated users to inject arbitrary web script or HTML via a save_items action.
Simplemachines Smf 1.1.6
Simplemachines Smf 1.1.5
Simplemachines Smf 1.1.7
Simplemachines Smf 1.1.8
Simplemachines Smf 1.1.9
Simplemachines Smf 1.0.9
Simplemachines Smf 1.0.8
Simplemachines Smf 1.0.7
Simplemachines Smf 1.0.6
Simplemachines Smf 1.1.1
Simplemachines Smf 1.1.2
Simplemachines Smf 1.1.3
Simplemachines Smf 1.0
Simplemachines Smf 1.1
Simplemachines Smf 1.1.10
Simplemachines Smf 1.0.12
Simplemachines Smf 1.0.10
Simplemachines Smf 1.0.15
Simplemachines Smf 1.0.4
Simplemachines Smf 1.0.2
Simplemachines Smf 1.0.14
Simplemachines Smf
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »