Lucene search
K

7 matches found

Prion
Prion
added 2009/04/21 6:30 p.m.17 views

Sql injection

SQL injection vulnerability in Load.php in Simple Machines Forum SMF 1.1.4 and earlier allows remote attackers to execute arbitrary SQL commands by setting the dbcharacterset parameter to a multibyte character set such as big5, which causes the addslashes PHP function to produce a "" backslash...

7.5CVSS9AI score0.00967EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2009/04/21 6:7 p.m.33 views

CVE-2008-6741

SQL injection vulnerability in Load.php in Simple Machines Forum SMF 1.1.4 and earlier allows remote attackers to execute arbitrary SQL commands by setting the dbcharacterset parameter to a multibyte character set such as big5, which causes the addslashes PHP function to produce a "" backslash...

8.3AI score0.00967EPSS
Exploits1References3
CVE
CVE
added 2009/03/30 1:0 a.m.61 views

CVE-2008-6544

Concretely, CVE-2008-6544 affects Simple Machines Forum (SMF) 1.1.4. The vulnerability is described as PHP remote file inclusion via the settings[default_theme_dir] parameter to two endpoints: Sources/Subs-Graphics.php and Sources/Themes.php. The underlying issue involves allowing a URL to influe...

7.5CVSS7.9AI score0.02927EPSS
Exploits1References6Affected Software1
Prion
Prion
added 2008/01/15 9:0 p.m.15 views

Cross site scripting

Cross-site scripting XSS vulnerability in Simple Machines Forum SMF 1.1.4 and earlier allows remote attackers to inject arbitrary web script or HTML via 1 Itemid or 2 topic arguments...

4.3CVSS6.2AI score0.01033EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2008/01/15 8:0 p.m.20 views

CVE-2008-0284

Cross-site scripting XSS vulnerability in Simple Machines Forum SMF 1.1.4 and earlier allows remote attackers to inject arbitrary web script or HTML via 1 Itemid or 2 topic arguments...

5.7AI score0.01033EPSS
Exploits0References4
CVE
CVE
added 2008/01/15 8:0 p.m.39 views

CVE-2008-0284

CVE-2008-0284 affects Simple Machines Forum (SMF) 1.1.4 and earlier. The vulnerability is a cross-site scripting (XSS) flaw that allows remote attackers to inject arbitrary web script or HTML via the Itemid or topic parameters. Impact described as enabling script execution in the context of the a...

4.3CVSS5.7AI score0.01033EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2007/11/14 1:46 a.m.16 views

Code injection

Simple Machines Forum SMF 1.1.4 allows remote attackers to read a message in private forums by using the advanced search module with the "show results as messages" option, then searching for possible keywords contained in that message...

5CVSS7.1AI score0.01064EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder