Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
simple machines simple machines forum vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2022-26982
SimpleMachinesForum 2.1.1 and previous versions allows remote authenticated administrators to execute arbitrary code by inserting a vulnerable php code because the themes can be modified by an administrator. NOTE: the vendor's position is that administrators are intended to ...
Simplemachines Simple Machines Forum
4.3
CVSSv2
CVE-2019-12490
An issue exists in Simple Machines Forum (SMF) prior to 2.0.16. Reverse tabnabbing can occur because of use of _blank for external links.
Simplemachines Simple Machines Forum
6.8
CVSSv2
CVE-2006-6375
Cross-site scripting (XSS) vulnerability in display.php in Simple Machines Forum (SMF) 1.1 Final and previous versions allows remote malicious users to inject arbitrary web script or HTML via the contents of a file that is uploaded with the image parameter set, which can be inter...
Simple Machines Smf 1.1 Final
Simple Machines Smf 1.1 Rc3
Simple Machines Smf 1.0.9
Simple Machines Smf 1.0 Beta5p
7.5
CVSSv2
CVE-2016-5726
Packages.php in Simple Machines Forum (SMF) 2.1 allows remote malicious users to conduct PHP object injection attacks and execute arbitrary PHP code via the themechanges array parameter.
Simplemachines Simple Machines Forum 2.1
6.8
CVSSv2
CVE-2016-5727
LogInOut.php in Simple Machines Forum (SMF) 2.1 allows remote malicious users to conduct PHP object injection attacks and execute arbitrary PHP code via vectors related to variables derived from user input in a foreach loop.
Simplemachines Simple Machines Forum 2.1
4.3
CVSSv2
CVE-2013-7467
Simple Machines Forum (SMF) 2.0.4 allows XSS via the index.php?action=pm;sa=settings;save sa parameter.
Simplemachines Simple Machines Forum 2.0.4
6.5
CVSSv2
CVE-2013-7466
Simple Machines Forum (SMF) 2.0.4 allows local file inclusion, with resultant remote code execution, in install.php via ../ directory traversal in the db_type parameter if install.php remains present after installation.
Simplemachines Simple Machines Forum 2.0.4
6.8
CVSSv2
CVE-2013-7468
Simple Machines Forum (SMF) 2.0.4 allows PHP Code Injection via the index.php?action=admin;area=languages;sa=editlang dictionary parameter.
Simplemachines Simple Machines Forum 2.0.4
4.3
CVSSv2
CVE-2008-0284
Cross-site scripting (XSS) vulnerability in Simple Machines Forum (SMF) 1.1.4 and previous versions allows remote malicious users to inject arbitrary web script or HTML via (1) Itemid or (2) topic arguments.
Simple Machines Simple Machines Smf
4.3
CVSSv2
CVE-2008-0775
Cross-site scripting (XSS) vulnerability in sboxDB.php in Simple Machines Forum (SMF) Shoutbox 1.14 up to and including 1.16b allows remote malicious users to inject arbitrary web script or HTML via strings to the shoutbox form that start with "&#", contain the desi...
Simple Machines Smf Shoutbox 1.14
Simple Machines Smf Shoutbox 1.15
Simple Machines Smf Shoutbox 1.16b
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »