CVE-2011-1131

Simplemachines Smf < 1.1.12 - Information Disclosure

Title source: rule
STIX 2.1

Description

The PlushSearch2 function in Search.php in Simple Machines Forum (SMF) before 1.1.13, and 2.x before 2.0 RC5, uses certain cached data in a situation where a temporary table has been created, even though this cached data is intended only for situations where a temporary table has not been created, which might allow remote attackers to obtain sensitive information via a search.

References (4)

Core 4

Scores

EPSS 0.0124
EPSS Percentile 65.7%

Details

CWE
CWE-200
Status published
Products (34)
simplemachines/smf 1.0 (7 CPE variants)
simplemachines/smf 1.0.1
simplemachines/smf 1.0.2
simplemachines/smf 1.0.3
simplemachines/smf 1.0.4
simplemachines/smf 1.0.5
simplemachines/smf 1.0.6
simplemachines/smf 1.0.7
simplemachines/smf 1.0.8
simplemachines/smf 1.0.9
... and 24 more
Published Jun 21, 2011
Tracked Since Feb 18, 2026