2 matches found
CVE-2019-11574
Simple Machines Forum (SMF) prior to release 2.0.17 is affected by a server-side request forgery (SSRF) in Subs-Package.php and Subs.php, where user-supplied data is used directly in curl calls. Affects SMF versions before 2.0.17; CVE-2019-11574 details an SSRF condition with high impact per CVSS...
CVE-2005-4891
CVE-2005-4891 affects Simple Machine Forum (SMF) versions 1.0.4 and earlier. The vulnerability is an SQL injection in SMF that enables remote attackers to inject arbitrary SQL statements. Documented impact in sources indicates potential partial confidentiality, integrity, and availability effects...