Simple Machines Forum Security Vulnerabilities and Issues — Simple Machines Forum CVE List

Lucene search

SimplemachinesSimple Machines Forum

3 matches found

CVE•added 2019/03/07 11:29 p.m.•35 views

CVE-2013-7468

Simple Machines Forum (SMF) 2.0.4 allows PHP Code Injection via the index.php?action=admin;area=languages;sa=editlang dictionary parameter.

8.1CVSS8.4AI score0.00487EPSS

CVE•added 2019/03/07 11:29 p.m.•31 views

CVE-2013-7467

Simple Machines Forum (SMF) 2.0.4 allows XSS via the index.php?action=pm;sa=settings;save sa parameter.

6.1CVSS6.5AI score0.0024EPSS

CVE•added 2019/03/07 11:29 p.m.•27 views

CVE-2013-7466

Simple Machines Forum (SMF) 2.0.4 allows local file inclusion, with resultant remote code execution, in install.php via ../ directory traversal in the db_type parameter if install.php remains present after installation.

8.8CVSS8.7AI score0.01935EPSS