CVE-2013-7235
Simple Machines Forum <1.1.19, 2.x <2.0.6 - Privilege Escalation
Title source: llmDescription
Simple Machines Forum (SMF) before 1.1.19 and 2.x before 2.0.6 allows remote attackers to impersonate arbitrary users via multiple space characters characters.
References (5)
Core 5
Core References
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2013/12/30/1
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2013/12/30/3
Mailing List mailing-list
x_refsource_fulldisc
http://seclists.org/fulldisclosure/2013/Dec/83
Various Sources x_refsource_misc
http://www.jakoblell.com/blog/2013/12/13/multiple-vulnerabilities-in-smf-forum-software/
Various Sources x_refsource_confirm
http://download.simplemachines.org/index.php?thanks%3Bfilename=smf_2-0-6_changelog.txt
Scores
EPSS
0.0153
EPSS Percentile
71.7%
Details
CWE
CWE-20
Status
published
Products (37)
simplemachines/simple_machines_forum
1.0 (7 CPE variants)
simplemachines/simple_machines_forum
1.0.1
simplemachines/simple_machines_forum
1.0.2
simplemachines/simple_machines_forum
1.0.3
simplemachines/simple_machines_forum
1.0.4
simplemachines/simple_machines_forum
1.0.5
simplemachines/simple_machines_forum
1.0.6
simplemachines/simple_machines_forum
1.0.7
simplemachines/simple_machines_forum
1.0.8
simplemachines/simple_machines_forum
1.0.9
... and 27 more
Published
Apr 29, 2014
Tracked Since
Feb 18, 2026