Design/Logic Flaw

2011-06-2102:52:00

PRIOn knowledge base

www.prio-n.com

7.3 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

74.6%

JSON

SSI.php in Simple Machines Forum (SMF) before 1.1.13, and 2.x before 2.0 RC5, does not properly restrict guest access, which allows remote attackers to have an unspecified impact via unknown vectors.

CPENameOperatorVersion
smfeq1.0.13
smfeq1.1.2
smfeq1.0.8
smfeq1.1 rc1
smfeq1.0 beta4.1
smfeq1.0.1
smfle1.1.12
smfeq1.0.19
smfeq1.0.7
smfeq1.0.9

Name	Operator	Version
smf	eq	1.0.13
smf	eq	1.1.2
smf	eq	1.0.8
smf	eq	1.1 rc1
smf	eq	1.0 beta4.1
smf	eq	1.0.1
smf	le	1.1.12
smf	eq	1.0.19
smf	eq	1.0.7
smf	eq	1.0.9

Rows per page:

1-10 of 571

References

custom.simplemachines.org/mods/downloads/smf_patch_2.0-RC4_security.zip

www.openwall.com/lists/oss-security/2011/02/22/17

www.openwall.com/lists/oss-security/2011/03/02/4

www.simplemachines.org/community/index.php?topic=421547.0