CVE-2013-7235

Simple Machines Forum <1.1.19, 2.x <2.0.6 - Privilege Escalation

Title source: llm
STIX 2.1

Description

Simple Machines Forum (SMF) before 1.1.19 and 2.x before 2.0.6 allows remote attackers to impersonate arbitrary users via multiple space characters characters.

References (5)

Core 5
Core References
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2013/12/30/1
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2013/12/30/3
Mailing List mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2013/Dec/83

Scores

EPSS 0.0153
EPSS Percentile 71.7%

Details

CWE
CWE-20
Status published
Products (37)
simplemachines/simple_machines_forum 1.0 (7 CPE variants)
simplemachines/simple_machines_forum 1.0.1
simplemachines/simple_machines_forum 1.0.2
simplemachines/simple_machines_forum 1.0.3
simplemachines/simple_machines_forum 1.0.4
simplemachines/simple_machines_forum 1.0.5
simplemachines/simple_machines_forum 1.0.6
simplemachines/simple_machines_forum 1.0.7
simplemachines/simple_machines_forum 1.0.8
simplemachines/simple_machines_forum 1.0.9
... and 27 more
Published Apr 29, 2014
Tracked Since Feb 18, 2026