RSS   Vulnerabilities for 'Simple machine forum'   RSS

2020-03-20
 
CVE-2019-11574

CWE-918
 

 
An issue was discovered in Simple Machines Forum (SMF) before release 2.0.17. There is SSRF related to Subs-Package.php and Subs.php because user-supplied data is used directly in curl calls.

 
2020-01-15
 
CVE-2005-4891

CWE-89
 

 
Simple Machine Forum (SMF) versions 1.0.4 and earlier have an SQL injection vulnerability that allows remote attackers to inject arbitrary SQL statements.

 

 >>> Vendor: Simplemachines 3 Products
SMF
Simple machines forum
Simple machine forum


Copyright 2024, cxsecurity.com

 

Back to Top