Simple Machine Forum (SMF) versions 1.0.4 and earlier have an SQL injection vulnerability that allows remote attackers to inject arbitrary SQL statements.
[
{
"product": "Simple Machine Forum",
"vendor": "Simple Machine Forum",
"versions": [
{
"status": "affected",
"version": "1.0.4 and earlier"
}
]
}
]