In _isValidUser of smf.class.php (jsmf 2.0.2.1)

$mos needs to be initialized to false before the two

if ((strpos($data->password, ':') === true))

clauses that reference it, because otherwise the variable will be out of scope when it is checked after the initial if clauses. I'm pretty sure the original code of inner if clauses in first part of those clauses can be shortened to just

if ($hash == $cryptpass) {
    //CORRECT password
    $mos = true;
}

after this change, because it is pointless to set variable to its default value second time.

Joomla version: 1.0.13
SMF version: 1.1.4
JSMF version: 2.0.2.1

When trying password recovery, it doesn't initialize db prefix in updatePass($id, $pass) of admin.smf.class.php

if I add
        global $jsmfConfig;
after
        global $database;
and change line
            "WHERE id = '$smf_id' ";
to
            "WHERE ID_MEMBER = '$smf_id' ";

it works better

When viewing SMF user profile inside CB it uses URL format

/community/attachments/avatar_3.png

even though the correct format is

/community/index.php?action=dlattach;attach=2;type=avatar