Access Control Vulnerability in Simple Machines Forum by Simple Machines
CVE-2011-1127

Currently unrated

Key Information:

Vendor: Simplemachines
Status: Smf
Vendor: CVE Published:; 21 June 2011

🔔 Create Simplemachines Vulnerability Alert

What is CVE-2011-1127?

SSI.php in Simple Machines Forum prior to version 1.1.13 and in the 2.x series before 2.0 RC5 fails to adequately restrict guest access, leading to potential unauthorized actions by remote attackers through various unknown vectors. This flaw highlights the need for improved access control mechanisms within the forum software to safeguard against potential exploits.

References

http://www.openwall.com/lists/oss-security/2011/02/22/17

mailing-listx_refsource_MLIST

http://www.simplemachines.org/community/index.php?topic=4...

x_refsource_CONFIRM

http://www.openwall.com/lists/oss-security/2011/03/02/4

mailing-listx_refsource_MLIST

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jun 21, 2011