{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-12-13T00:00:00", "descriptions": [{"lang": "en", "value": "Simple Machines Forum (SMF) before 1.1.19 and 2.x before 2.0.6 allows remote attackers to impersonate arbitrary users via multiple space characters characters."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2014-04-29T12:57:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "[oss-security] 20131230 CVE request: SMF 1.1.19, 2.0.6", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2013/12/30/1"}, {"name": "[oss-security] 20131229 Re: CVE request: SMF 1.1.19, 2.0.6", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2013/12/30/3"}, {"name": "20131213 Multiple vulnerabilities in SMF forum software", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2013/Dec/83"}, {"tags": ["x_refsource_MISC"], "url": "http://www.jakoblell.com/blog/2013/12/13/multiple-vulnerabilities-in-smf-forum-software/"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://download.simplemachines.org/index.php?thanks%3Bfilename=smf_2-0-6_changelog.txt"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2013-7235", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Simple Machines Forum (SMF) before 1.1.19 and 2.x before 2.0.6 allows remote attackers to impersonate arbitrary users via multiple space characters characters."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "[oss-security] 20131230 CVE request: SMF 1.1.19, 2.0.6", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2013/12/30/1"}, {"name": "[oss-security] 20131229 Re: CVE request: SMF 1.1.19, 2.0.6", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2013/12/30/3"}, {"name": "20131213 Multiple vulnerabilities in SMF forum software", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2013/Dec/83"}, {"name": "http://www.jakoblell.com/blog/2013/12/13/multiple-vulnerabilities-in-smf-forum-software/", "refsource": "MISC", "url": "http://www.jakoblell.com/blog/2013/12/13/multiple-vulnerabilities-in-smf-forum-software/"}, {"name": "http://download.simplemachines.org/index.php?thanks;filename=smf_2-0-6_changelog.txt", "refsource": "CONFIRM", "url": "http://download.simplemachines.org/index.php?thanks;filename=smf_2-0-6_changelog.txt"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2013-7235", "datePublished": "2014-04-29T14:00:00", "dateReserved": "2013-12-29T00:00:00", "dateUpdated": "2014-04-29T12:57:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:*:*:*:*:*:*:*:*", "matchCriteriaId": "F627D530-8577-42A2-96C8-5DF20FD19241", "versionEndIncluding": "1.1.9", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "68BFA80B-10BE-48FA-A9F8-8FC163BBD18D", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.0:beta4:*:*:*:*:*:*", "matchCriteriaId": "4B7C0924-F85C-40FD-BC9F-5EE53890A411", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.0:beta4.1:*:*:*:*:*:*", "matchCriteriaId": "2114971F-15FC-440D-9D33-A7E6B7D3F59B", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.0:beta5:*:*:*:*:*:*", "matchCriteriaId": "5329B90A-7445-4FB4-858B-D635ABEA0EF8", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.0:beta6:*:*:*:*:*:*", "matchCriteriaId": "4B0D55E2-0320-4215-9A5A-A0BFB610D4B3", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "94DE27DB-1B1E-4CF5-9FA1-DF032502B71C", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "A5EB9970-8CBA-4720-93CF-84C488872070", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "5C8DC2DE-AC37-4494-ADEC-581D26A34AF9", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "11E23F5F-8068-4EBD-87C8-4B8F4F89CDB1", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "AA3A2DBF-6B9F-4B30-84F5-5AAB75B606C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "559D77F1-149B-4821-952E-2E06D5E3F69F", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "1126ED56-1AD9-49AC-9A49-3803912F127E", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "46B2AA68-7B2F-4AD3-982D-3CFCEA40643C", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "25A66112-67BE-4103-975F-D198698BE50C", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "45E1F0FF-F232-4275-ADB7-F94AA3EE8964", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "5FB14433-1E1A-4FA9-894F-3D79443DE5AB", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "A97C8C51-68F1-459D-B03C-B213F68654E1", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.0.12:*:*:*:*:*:*:*", "matchCriteriaId": "54B195D4-40DB-49F5-9AC4-B83D99DE1981", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.0.13:*:*:*:*:*:*:*", "matchCriteriaId": "60F37A70-AA61-4AE0-8920-15ACBE1AEA85", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.0.14:*:*:*:*:*:*:*", "matchCriteriaId": "D3C4BC27-5F7E-474E-B474-BFDABFE173FA", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.0.15:*:*:*:*:*:*:*", "matchCriteriaId": "6877EF64-339A-47F6-835D-DC558B3619F5", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.0.16:*:*:*:*:*:*:*", "matchCriteriaId": "6986D103-9B4A-47B5-BAF6-FDA81FC16158", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.0.17:*:*:*:*:*:*:*", "matchCriteriaId": "4D15A07F-5513-4925-8312-0603EAF387D2", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.0.18:*:*:*:*:*:*:*", "matchCriteriaId": "575B6D4F-D694-4DED-AEBB-D34629D41FC8", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.0.19:*:*:*:*:*:*:*", "matchCriteriaId": "62AAD1A1-BB63-4918-B025-3E1ECACDC6FF", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.0.20:*:*:*:*:*:*:*", "matchCriteriaId": "4643B638-C3F6-4CFC-9501-8D7FDC287C8D", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.0.21:*:*:*:*:*:*:*", "matchCriteriaId": "3350A780-870C-4482-879B-1F80676CE2F7", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.0.22:*:*:*:*:*:*:*", "matchCriteriaId": "5BE07B07-9CD5-4F30-8F51-A79CCD467FEC", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.0.23:*:*:*:*:*:*:*", "matchCriteriaId": "7087FAD5-5063-4258-84E4-8B430D05AF3A", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "9BF1364E-1796-43B5-941A-052E3FA63EC6", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.1:beta1:*:*:*:*:*:*", "matchCriteriaId": "88E050C4-E6B4-4FDE-A83E-CC98B969D3A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.1:beta2:*:*:*:*:*:*", "matchCriteriaId": "F924AC18-B3A4-4E8E-9993-301F53F6FE10", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.1:beta3:*:*:*:*:*:*", "matchCriteriaId": "38E1CB35-4103-4404-8D50-A721FF99B1B4", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.1:beta4:*:*:*:*:*:*", "matchCriteriaId": "CF59A8D2-6321-4823-B94F-5B889566948C", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.1:rc1:*:*:*:*:*:*", "matchCriteriaId": "B0DFADF1-3B8A-4670-B332-2FC4EF85D7D5", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.1:rc2:*:*:*:*:*:*", "matchCriteriaId": "1EA2D287-8BE8-4428-B112-E1385DFFB783", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.1:rc3:*:*:*:*:*:*", "matchCriteriaId": "C03C87DB-6604-444B-AFB5-D80CCA9ED105", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "F48ABB45-0DD0-4113-B998-E27D246317A8", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "ACEC624B-F259-4A57-8E75-36101B15AC29", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "8B533493-36FF-47D2-9924-7277BA3550E4", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "08D81C9A-5DB5-491B-AF8A-FD87E7A7ACC0", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "CA96EA1B-256C-4E42-999B-B2EC30A82E82", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "39376239-D851-4614-9F54-4DE077DA2BB6", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "3BEBAF17-902E-441A-AE39-A2457522866B", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "7223B467-DFEC-4D01-9FA4-537151DBD0CC", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "6932E5C3-47C2-414B-8D79-A2FC70C9DE97", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.1.11:*:*:*:*:*:*:*", "matchCriteriaId": "9CD39E15-2741-4B54-B78D-F5C4FBF596DB", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.1.12:*:*:*:*:*:*:*", "matchCriteriaId": "880D38A1-308F-46F4-A3D9-4278506CD84C", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.1.13:*:*:*:*:*:*:*", "matchCriteriaId": "D2A709B4-EBAE-4B45-BA9C-F3FB1A787790", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.1.14:*:*:*:*:*:*:*", "matchCriteriaId": "DA543E42-55B7-454A-8E65-017DD537DDBB", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.1.15:*:*:*:*:*:*:*", "matchCriteriaId": "C5863684-6E4F-4972-B853-A8CECE8FC101", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.1.16:*:*:*:*:*:*:*", "matchCriteriaId": "6EACAE2B-9ADD-4B3E-9770-F4EEE4F29862", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:1.1.17:*:*:*:*:*:*:*", "matchCriteriaId": "65ECB5EA-AFC0-4B1D-84E2-22F90A0A728A", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:2.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "F361B121-0997-49A1-A19A-D24993387131", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:2.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "80A86957-5B72-4253-8B79-FC05CE564F57", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:2.0:beta2.1:*:*:*:*:*:*", "matchCriteriaId": "31C69C1D-5EF5-4C6D-856A-05A5CC412E26", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:2.0:beta3:*:*:*:*:*:*", "matchCriteriaId": "C9DE5EB6-E432-408A-AB75-D8488B443B08", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:2.0:beta3.1:*:*:*:*:*:*", "matchCriteriaId": "3DEEFF9F-CED8-494A-81FD-B1B8E70B2807", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:2.0:beta4:*:*:*:*:*:*", "matchCriteriaId": "FE36B704-A3B2-4A22-BF88-10BFD2F57C90", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:2.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "41B55F0F-EA85-4D0A-B1F3-3D154F9C661C", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:2.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "24674663-6C74-461B-89EA-73FC2CB69DBC", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:2.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "30151B7B-FE60-473B-881A-B401DEE7741F", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:2.0:rc4:*:*:*:*:*:*", "matchCriteriaId": "442CCC37-8DD0-4061-8B45-E8E5674CAFAA", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:2.0:rc5:*:*:*:*:*:*", "matchCriteriaId": "65EA52AB-234F-4485-B253-E0ABA40DFC90", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "EDC7978C-B3BE-479C-8733-DDD5100A9CE8", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "0FBD4174-51EE-4A3A-AE72-297F33F09905", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "FE7AD0D1-655E-41F7-B40D-B62DAF96D124", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "16A5363B-BB3B-4F51-9DA3-6136E3E79760", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "717154E9-F66D-4AA0-8D3C-F44282BAA160", "vulnerable": true}, {"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "B5AD2EC0-1514-446E-A945-BA6CDBB975A3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Simple Machines Forum (SMF) before 1.1.19 and 2.x before 2.0.6 allows remote attackers to impersonate arbitrary users via multiple space characters characters."}, {"lang": "es", "value": "Simple Machines Forum (SMF) anterior a 1.1.19 y 2.x anterior a 2.0.6 permite a atacantes remotos suplantar usuarios arbitrarios a trav\u00e9s de m\u00faltiples caracteres de espacio."}], "id": "CVE-2013-7235", "lastModified": "2023-11-07T02:17:58.773", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-04-29T14:38:47.623", "references": [{"source": "cve@mitre.org", "url": "http://download.simplemachines.org/index.php?thanks%3Bfilename=smf_2-0-6_changelog.txt"}, {"source": "cve@mitre.org", "url": "http://seclists.org/fulldisclosure/2013/Dec/83"}, {"source": "cve@mitre.org", "url": "http://www.jakoblell.com/blog/2013/12/13/multiple-vulnerabilities-in-smf-forum-software/"}, {"source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2013/12/30/1"}, {"source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2013/12/30/3"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}