Simple Machines Forum@1.0.15 Security Vulnerabilities and Issues — Simple Machines Forum@1.0.15 CVE List

Lucene search

SimplemachinesSimple Machines Forum1.0.15

4 matches found

CVE•added 2013/10/25 11:55 p.m.•36 views

CVE-2013-4465

Unrestricted file upload vulnerability in the avatar upload functionality in Simple Machines Forum before 2.0.6 and 2.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified ...

4.6CVSS7.6AI score0.01273EPSS

CVE•added 2014/04/29 2:38 p.m.•36 views

CVE-2013-7235

Simple Machines Forum (SMF) before 1.1.19 and 2.x before 2.0.6 allows remote attackers to impersonate arbitrary users via multiple space characters characters.

7.5CVSS7AI score0.00675EPSS

CVE•added 2014/04/29 2:38 p.m.•35 views

CVE-2013-7234

Simple Machines Forum (SMF) before 1.1.19 and 2.x before 2.0.6 allows remote attackers to conduct clickjacking attacks via an X-Frame-Options header.

4.3CVSS6.9AI score0.00357EPSS

CVE•added 2014/04/29 2:38 p.m.•28 views

CVE-2013-7236

Simple Machines Forum (SMF) 2.0.6, 1.1.19, and earlier allows remote attackers to impersonate arbitrary users via a Unicode homoglyph character in a username.

7.5CVSS7AI score0.00585EPSS