Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
simple machines simple machines forum vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2007-3309
Unspecified vulnerability in Simple Machines Forum (SMF) 1.1.2 allows remote malicious users to execute arbitrary PHP code during (1) creation or (2) editing of a message.
Simple Machines Simple Machines Forum 1.1.2
5
CVSSv2
CVE-2007-5943
Simple Machines Forum (SMF) 1.1.4 allows remote malicious users to read a message in private forums by using the advanced search module with the "show results as messages" option, then searching for possible keywords contained in that message.
Simple Machines Simple Machines Forum 1.1.4
4.3
CVSSv2
CVE-2006-0896
Cross-site scripting (XSS) vulnerability in Sources/Register.php in Simple Machine Forum (SMF) 1.0.6 allows remote malicious users to inject arbitrary web script or HTML via the X-Forwarded-For HTTP header field.
Simple Machines Simple Machines Forum 1.0.6
5
CVSSv2
CVE-2005-2817
Simple Machines Forum (SMF) 1-0-5 and previous versions supports the use of URLs for avatar images, which allows remote malicious users to monitor sensitive information of forum visitors such as IP address and user agent, as demonstrated using a PHP script on a malicious server.
Simple Machines Simple Machines Forum 1.0.5
4.3
CVSSv2
CVE-2006-5503
Cross-site scripting (XSS) vulnerability in index.php in Simple Machines Forum (SMF) 1.1 RC2 allows remote malicious users to inject arbitrary web script or HTML via the action parameter.
Simple Machines Simple Machines Forum 1.1 Rc2
1 EDB exploit
4.3
CVSSv2
CVE-2004-1996
Cross-site scripting (XSS) vulnerability in Simple Machines Forum (SMF) 1.0 allows remote malicious users to inject arbitrary web script via the size tag.
Simple Machines Smf 1.0 Beta4p
Simple Machines Smf 1.0 Beta5p
Simple Machines Smf 1.0 Beta4.1
1 EDB exploit
7.5
CVSSv2
CVE-2018-10305
The MessageSearch2 function in PersonalMessage.php in Simple Machines Forum (SMF) prior to 2.0.15 does not properly use the possible_users variable in a query, which might allow malicious users to bypass intended access restrictions.
Simplemachines Simple Machines Forum
4
CVSSv2
CVE-2013-0192
File Disclosure in SMF (SimpleMachines Forum) <= 2.0.3: Forum admin can read files such as the database config.
Simplemachines Simple Machines Forum
1 EDB exploit
4.3
CVSSv2
CVE-2013-4395
Simple Machines Forum (SMF) up to and including 2.0.5 has XSS
Simplemachines Simple Machines Forum
3.5
CVSSv2
CVE-2009-5068
There is a file disclosure vulnerability in SMF (Simple Machines Forum) affecting versions through v2.0.3. On some configurations a SMF deployment is shared by several "co-admins" that are not trusted beyond the SMF deployment. This vulnerability allows them to read arb...
Simplemachines Simple Machines Forum
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »