Lucene search
K
Simple MachinesSmf

4 matches found

CVE
CVE
added 2008/04/30 1:0 a.m.50 views

CVE-2008-2019

SMF (likely version ~1.1.4) is vulnerable due to a weak WAV CAPTCHA generation that relies on insufficient randomness, allowing automated brute-force bypass of the CAPTCHA. Root cause points to an insufficient fix for CVE-2007-3308; exploitation status and exact patch details are not provided in ...

7.5CVSS6.8AI score0.04054EPSS
CVE
CVE
added 2012/11/17 9:0 p.m.49 views

CVE-2012-5903

The CVE-2012-5903 entry concerns the Simple Machines Forum (SMF) product, specifically version 2.0.2. The vulnerability is a Cross-Site Scripting (XSS) flaw in the scheduled parameter handling of index.php, enabling remote attackers to inject arbitrary web script or HTML. The root cause is an XSS...

4.3CVSS5.9AI score0.01623EPSS
CVE
CVE
added 2005/05/10 4:0 a.m.43 views

CVE-2004-1996

The CVE-2004-1996 issue concerns Simple Machines Forum (SMF) 1.0, where an XSS vulnerability exists in the size tag that could allow remote attackers to inject arbitrary script in web pages. References across NVD/CVE records confirm the vulnerable component is SMF 1.0 and the root cause is improp...

4.3CVSS6.1AI score0.01733EPSS
CVE
CVE
added 2006/12/07 5:0 p.m.42 views

CVE-2006-6375

CVE-2006-6375 is a cross-site scripting (XSS) flaw in display.php of Simple Machines Forum (SMF) 1.1 Final and earlier. The vulnerability allows remote attackers to inject arbitrary script/HTML via the contents of a file uploaded with the image parameter, which can be interpreted as script by Int...

6.8CVSS5.9AI score0.014EPSS