Simple Machines Forum@2.1 Security Vulnerabilities and Issues — Simple Machines Forum@2.1 CVE List

Lucene search

SimplemachinesSimple Machines Forum2.1

3 matches found

CVE•added 2017/02/09 3:59 p.m.•51 views

CVE-2016-5726

Packages.php in Simple Machines Forum (SMF) 2.1 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via the themechanges array parameter.

9.8CVSS9.7AI score0.00839EPSS

CVE•added 2013/10/25 11:55 p.m.•36 views

CVE-2013-4465

Unrestricted file upload vulnerability in the avatar upload functionality in Simple Machines Forum before 2.0.6 and 2.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified ...

4.6CVSS7.6AI score0.01273EPSS

CVE•added 2017/02/09 3:59 p.m.•31 views

CVE-2016-5727

LogInOut.php in Simple Machines Forum (SMF) 2.1 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via vectors related to variables derived from user input in a foreach loop.

8.8CVSS8.9AI score0.00595EPSS