Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
simple machines simple machines forum 1.1 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-3073
Unspecified vulnerability in Simple Machines Forum (SMF) 1.1.x prior to 1.1.5 and 1.0.x prior to 1.0.13 has unknown impact and attack vectors, probably cross-site scripting (XSS), related to "use of the html-tag."
Simple Machines Simple Machines Forum
7.5
CVSSv2
CVE-2008-3072
Simple Machines Forum (SMF) 1.1.x prior to 1.1.5 and 1.0.x prior to 1.0.13, when running in PHP prior to 4.2.0, does not properly seed the random number generator, which has unknown impact and attack vectors.
Simple Machines Simple Machines Forum
7.5
CVSSv2
CVE-2005-4159
NOTE: this issue has been disputed by the vendor and third parties. SQL injection vulnerability in Memberlist.php in Simple Machines Forum (SMF) 1.1 rc1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the start parameter. NOTE: the vendor...
Simple Machines Simple Machines Forum
6.8
CVSSv2
CVE-2006-6375
Cross-site scripting (XSS) vulnerability in display.php in Simple Machines Forum (SMF) 1.1 Final and previous versions allows remote malicious users to inject arbitrary web script or HTML via the contents of a file that is uploaded with the image parameter set, which can be inter...
Simple Machines Smf 1.1 Final
Simple Machines Smf 1.1 Rc3
Simple Machines Smf 1.0.9
Simple Machines Smf 1.0 Beta5p
7.5
CVSSv2
CVE-2008-6971
The password reset functionality in Simple Machines Forum (SMF) 1.0.x prior to 1.0.14, 1.1.x prior to 1.1.6, and 2.0 prior to 2.0 beta 4 includes clues about the random number generator state within a hidden form field and generates predictable validation codes, which allows remo...
Simplemachines Smf 2.0-beta3
Simplemachines Smf 2.0
Simplemachines Smf 1.1.5
Simplemachines Smf 1.1.4
Simplemachines Smf 2.0-beta2
Simplemachines Smf 1.0.13
Simplemachines Smf 1.0.12
1 EDB exploit
5.1
CVSSv2
CVE-2006-4564
SQL injection vulnerability in Sources/ManageBoards.php in Simple Machines Forum 1.1 RC3 allows remote malicious users to execute arbitrary SQL commands via the cur_cat parameter.
Simplemachines Smf 1.1
10
CVSSv2
CVE-2011-1127
SSI.php in Simple Machines Forum (SMF) prior to 1.1.13, and 2.x prior to 2.0 RC5, does not properly restrict guest access, which allows remote malicious users to have an unspecified impact via unknown vectors.
Simplemachines Smf 1.1
Simplemachines Smf 1.1.11
Simplemachines Smf 1.1.10
Simplemachines Smf 1.0
Simplemachines Smf 1.0.15
Simplemachines Smf 1.0.20
Simplemachines Smf 1.0.21
Simplemachines Smf 1.1.9
Simplemachines Smf 1.1.4
Simplemachines Smf 1.0.12
Simplemachines Smf 1.0.13
Simplemachines Smf 1.0.5
Simplemachines Smf 1.0.4
Simplemachines Smf 1.0.3
Simplemachines Smf 1.0.2
Simplemachines Smf 1.1.5
Simplemachines Smf 1.1.8
Simplemachines Smf 1.0.10
Simplemachines Smf
Simplemachines Smf 1.0.9
Simplemachines Smf 1.0.7
Simplemachines Smf 1.0.17
3.5
CVSSv2
CVE-2011-1129
Cross-site scripting (XSS) vulnerability in the EditNews function in ManageNews.php in Simple Machines Forum (SMF) prior to 1.1.13, and 2.x prior to 2.0 RC5, might allow remote authenticated users to inject arbitrary web script or HTML via a save_items action.
Simplemachines Smf 1.1.6
Simplemachines Smf 1.1.5
Simplemachines Smf 1.1.7
Simplemachines Smf 1.1.8
Simplemachines Smf 1.1.9
Simplemachines Smf 1.0.9
Simplemachines Smf 1.0.8
Simplemachines Smf 1.0.7
Simplemachines Smf 1.0.6
Simplemachines Smf 1.1.1
Simplemachines Smf 1.1.2
Simplemachines Smf 1.1.3
Simplemachines Smf 1.0
Simplemachines Smf 1.1
Simplemachines Smf 1.1.10
Simplemachines Smf 1.0.12
Simplemachines Smf 1.0.10
Simplemachines Smf 1.0.15
Simplemachines Smf 1.0.4
Simplemachines Smf 1.0.2
Simplemachines Smf 1.0.14
Simplemachines Smf
7.5
CVSSv2
CVE-2011-3615
Multiple SQL injection vulnerabilities in Simple Machines Forum (SMF) prior to 1.1.15 and 2.x prior to 2.0.1 allow remote malicious users to execute arbitrary SQL commands via vectors involving a (1) HTML entity or (2) display name. NOTE: some of these details are obtained from t...
Simplemachines Smf 1.1.5
Simplemachines Smf 1.0
Simplemachines Smf 1.1
Simplemachines Smf 1.0.2
Simplemachines Smf 1.0.3
Simplemachines Smf 1.0.8
Simplemachines Smf 1.0.9
Simplemachines Smf 1.1.9
Simplemachines Smf 1.0.10
Simplemachines Smf 1.1.1
Simplemachines Smf 1.1.2
Simplemachines Smf 1.0.17
Simplemachines Smf 1.0.1
Simplemachines Smf 1.1.12
Simplemachines Smf 1.1.11
Simplemachines Smf 1.1.13
Simplemachines Smf 1.1.3
Simplemachines Smf 1.1.4
Simplemachines Smf 1.0.13
Simplemachines Smf 1.0.12
Simplemachines Smf 1.0.4
Simplemachines Smf 1.0.5
7.5
CVSSv2
CVE-2011-1128
The loadUserSettings function in Load.php in Simple Machines Forum (SMF) prior to 1.1.13, and 2.x prior to 2.0 RC5, does not properly handle invalid login attempts, which might make it easier for remote malicious users to obtain access or cause a denial of service via a brute-for...
Simplemachines Smf 1.0
Simplemachines Smf 1.1.9
Simplemachines Smf 1.1.4
Simplemachines Smf 1.0.12
Simplemachines Smf 1.0.13
Simplemachines Smf 1.0.10
Simplemachines Smf 1.0.5
Simplemachines Smf 1.0.4
Simplemachines Smf 1.0.3
Simplemachines Smf 1.0.2
Simplemachines Smf 1.1
Simplemachines Smf 1.1.11
Simplemachines Smf 1.1.10
Simplemachines Smf 1.0.15
Simplemachines Smf 1.0.16
Simplemachines Smf 1.0.21
Simplemachines Smf 1.1.5
Simplemachines Smf 1.1.8
Simplemachines Smf
Simplemachines Smf 1.0.9
Simplemachines Smf 1.0.7
Simplemachines Smf 1.0.17
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »