CyberSec.Space Logo
CVEブラウザに戻る

CVE-2011-1127

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0600%
EPSS Percentile21.42th
Published2011年6月21日
Last Modified2026年4月29日

Vulnerability Description

SSI.php in Simple Machines Forum (SMF) before 1.1.13, and 2.x before 2.0 RC5, does not properly restrict guest access, which allows remote attackers to have an unspecified impact via unknown vectors.

Affected Platforms (CPE)

📦
Simplemachines

Smf

<= 1.1.12
📦
Simplemachines

Smf

= 1.0
📦
Simplemachines

Smf

= 1.0
📦
Simplemachines

Smf

= 1.0
📦
Simplemachines

Smf

= 1.0
📦
Simplemachines

Smf

= 1.0
📦
Simplemachines

Smf

= 1.0
📦
Simplemachines

Smf

= 1.0
📦
Simplemachines

Smf

= 1.0.1
📦
Simplemachines

Smf

= 1.0.2
📦
Simplemachines

Smf

= 1.0.3
📦
Simplemachines

Smf

= 1.0.4
📦
Simplemachines

Smf

= 1.0.5
📦
Simplemachines

Smf

= 1.0.6
📦
Simplemachines

Smf

= 1.0.7
📦
Simplemachines

Smf

= 1.0.8
📦
Simplemachines

Smf

= 1.0.9
📦
Simplemachines

Smf

= 1.0.10
📦
Simplemachines

Smf

= 1.0.12
📦
Simplemachines

Smf

= 1.0.13
📦
Simplemachines

Smf

= 1.0.14
📦
Simplemachines

Smf

= 1.0.15
📦
Simplemachines

Smf

= 1.0.16
📦
Simplemachines

Smf

= 1.0.17
📦
Simplemachines

Smf

= 1.0.18
📦
Simplemachines

Smf

= 1.0.19
📦
Simplemachines

Smf

= 1.0.20
📦
Simplemachines

Smf

= 1.0.21
📦
Simplemachines

Smf

= 1.1
📦
Simplemachines

Smf

= 1.1
📦
Simplemachines

Smf

= 1.1
📦
Simplemachines

Smf

= 1.1
📦
Simplemachines

Smf

= 1.1
📦
Simplemachines

Smf

= 1.1
📦
Simplemachines

Smf

= 1.1
📦
Simplemachines

Smf

= 1.1
📦
Simplemachines

Smf

= 1.1.1
📦
Simplemachines

Smf

= 1.1.2
📦
Simplemachines

Smf

= 1.1.3
📦
Simplemachines

Smf

= 1.1.4
📦
Simplemachines

Smf

= 1.1.5
📦
Simplemachines

Smf

= 1.1.6
📦
Simplemachines

Smf

= 1.1.7
📦
Simplemachines

Smf

= 1.1.8
📦
Simplemachines

Smf

= 1.1.9
📦
Simplemachines

Smf

= 1.1.10
📦
Simplemachines

Smf

= 1.1.11
📦
Simplemachines

Smf

= 2.0
📦
Simplemachines

Smf

= 2.0
📦
Simplemachines

Smf

= 2.0
📦
Simplemachines

Smf

= 2.0
📦
Simplemachines

Smf

= 2.0
📦
Simplemachines

Smf

= 2.0
📦
Simplemachines

Smf

= 2.0
📦
Simplemachines

Smf

= 2.0
📦
Simplemachines

Smf

= 2.0
📦
Simplemachines

Smf

= 2.0

References & Advisories

🔗 http://custom.simplemachines.org/mods/downloads/smf_patch_2.0-RC4_security.zip
🔗 http://www.openwall.com/lists/oss-security/2011/02/22/17
🔗 http://www.openwall.com/lists/oss-security/2011/03/02/4
🔗 http://www.simplemachines.org/community/index.php?topic=421547.0
🔗 http://custom.simplemachines.org/mods/downloads/smf_patch_2.0-RC4_security.zip
🔗 http://www.openwall.com/lists/oss-security/2011/02/22/17
🔗 http://www.openwall.com/lists/oss-security/2011/03/02/4
🔗 http://www.simplemachines.org/community/index.php?topic=421547.0

関連する脆弱性情報

CVE-2019-115749.8

An issue was discovered in Simple Machines Forum (SMF) before release 2.0.17. There is SSRF related to Subs-Package.php and Subs.p...

CVE-2005-48919.8

Simple Machine Forum (SMF) versions 1.0.4 and earlier have an SQL injection vulnerability that allows remote attackers to inject a...

CVE-2018-103059.8

The MessageSearch2 function in PersonalMessage.php in Simple Machines Forum (SMF) before 2.0.15 does not properly use the possible...

CVE-2016-57269.8

Packages.php in Simple Machines Forum (SMF) 2.1 allows remote attackers to conduct PHP object injection attacks and execute arbitr...