NotCVE - vendor:"Simple Machines" product:"Smf"

Page 2 of 8 results (0.002 seconds)

CVSS: 6.8EPSS: 4%CPEs: 4EXPL: 0

CVE-2006-6375

https://notcve.org/view.php?id=CVE-2006-6375

Cross-site scripting (XSS) vulnerability in display.php in Simple Machines Forum (SMF) 1.1 Final and earlier allows remote attackers to inject arbitrary web script or HTML via the contents of a file that is uploaded with the image parameter set, which can be interpreted as script by Internet Explorer's automatic type detection. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en display.php del Simple Machines Forum (SMF) 1.1 Final y versiones anteriores permite a atacantes remotos la inyección de secuencias de comandos web o HTML de su elección a través del contenido de un fichero que se carga con el parámetro image establecido y que puede ser interpretado como una secuencia de comandos por la detección automática de tipos del Internet Explorer. • http://secunia.com/advisories/23175 http://securityreason.com/securityalert/2001 http://www.securityfocus.com/archive/1/453426/100/0/threaded http://www.securityfocus.com/bid/21431 http://www.vupen.com/english/advisories/2006/4843 https://exchange.xforce.ibmcloud.com/vulnerabilities/30659 •

CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 2

CVE-2004-1996 – Simple Machines Forum (SMF) 1.0 - Size Tag HTML Injection

https://notcve.org/view.php?id=CVE-2004-1996

Cross-site scripting (XSS) vulnerability in Simple Machines Forum (SMF) 1.0 allows remote attackers to inject arbitrary web script via the size tag. • https://www.exploit-db.com/exploits/24082 http://marc.info/?l=bugtraq&m=108377364615934&w=2 http://www.securityfocus.com/bid/10281 https://exchange.xforce.ibmcloud.com/vulnerabilities/16067 •

CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 2

CVE-2004-1827 – YABB SE 1.5.1 - Multiple Cross-Site Scripting Vulnerabilities

https://notcve.org/view.php?id=CVE-2004-1827

Cross-site scripting (XSS) vulnerability in YaBB 1 Gold(SP1.3) and YaBB SE 1.5.1 Final allows remote attackers to inject arbitrary web script via the background:url property in (1) glow or (2) shadow tags. • https://www.exploit-db.com/exploits/23812 http://marc.info/?l=bugtraq&m=107936800226430&w=2 http://marc.info/?l=bugtraq&m=107948064923981&w=2 http://secunia.com/advisories/11128 http://securitytracker.com/id?1009427 http://www.securityfocus.com/bid/9873 http://www.yabbforum.com/community/YaBB.pl?board=general%3Baction=display%3Bnum=1093133233 https://exchange.xforce.ibmcloud.com/vulnerabilities/15488 •

1 2