Simplemachines - Simple Machine Forum CVE

Filtered by vendor Simplemachines Subscriptions

Filtered by product Simple Machine Forum Subscriptions

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2019-11574	1 Simplemachines	1 Simple Machine Forum	2020-03-25	9.8 Critical
An issue was discovered in Simple Machines Forum (SMF) before release 2.0.17. There is SSRF related to Subs-Package.php and Subs.php because user-supplied data is used directly in curl calls.
CVE-2005-4891	1 Simplemachines	1 Simple Machine Forum	2020-01-21	9.8 Critical
Simple Machine Forum (SMF) versions 1.0.4 and earlier have an SQL injection vulnerability that allows remote attackers to inject arbitrary SQL statements.

Page 1 of 1.