Information Disclosure Vulnerability in Simple Machines Forum Product
CVE-2011-1131

Currently unrated

Key Information:

Vendor: Simplemachines
Status: Smf
Vendor: CVE Published:; 21 June 2011

🔔 Create Simplemachines Vulnerability Alert

What is CVE-2011-1131?

The PlushSearch2 function in Search.php of Simple Machines Forum (SMF) prior to version 1.1.13 and version 2.0 RC5 improperly utilizes cached data when a temporary table is created. This flaw can lead to a scenario where remote attackers exploit this lapse, potentially exposing sensitive information through search queries, which should not be accessible under configured data management practices.

References

http://www.openwall.com/lists/oss-security/2011/02/22/17

mailing-listx_refsource_MLIST

http://www.simplemachines.org/community/index.php?topic=4...

x_refsource_CONFIRM

http://www.openwall.com/lists/oss-security/2011/03/02/4

mailing-listx_refsource_MLIST

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jun 21, 2011