CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-1130

Simple Machines Forum (SMF) before 1.1.13, and 2.x before 2.0 RC5, does not properly validate the start parameter, which might allow remote attackers to conduct SQL injection attacks, obtain sensitive information, or cause a denial of service via a crafted value, related to the cleanRequest function in QueryString.php and the constructPageIndex function in Subs.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 65.7%

CVSS Severity

CVSS v2 Score 7.5

References

Products affected by CVE-2011-1130

Simplemachines » Smf » Version: Any

cpe:2.3:a:simplemachines:smf:*
Simplemachines » Smf » Version: 1.0

cpe:2.3:a:simplemachines:smf:1.0
Simplemachines » Smf » Version: 1.0.1

cpe:2.3:a:simplemachines:smf:1.0.1
Simplemachines » Smf » Version: 1.0.10

cpe:2.3:a:simplemachines:smf:1.0.10
Simplemachines » Smf » Version: 1.0.12

cpe:2.3:a:simplemachines:smf:1.0.12
Simplemachines » Smf » Version: 1.0.13

cpe:2.3:a:simplemachines:smf:1.0.13
Simplemachines » Smf » Version: 1.0.14

cpe:2.3:a:simplemachines:smf:1.0.14
Simplemachines » Smf » Version: 1.0.15

cpe:2.3:a:simplemachines:smf:1.0.15
Simplemachines » Smf » Version: 1.0.16

cpe:2.3:a:simplemachines:smf:1.0.16
Simplemachines » Smf » Version: 1.0.17

cpe:2.3:a:simplemachines:smf:1.0.17
Simplemachines » Smf » Version: 1.0.18

cpe:2.3:a:simplemachines:smf:1.0.18
Simplemachines » Smf » Version: 1.0.19

cpe:2.3:a:simplemachines:smf:1.0.19
Simplemachines » Smf » Version: 1.0.2

cpe:2.3:a:simplemachines:smf:1.0.2
Simplemachines » Smf » Version: 1.0.20

cpe:2.3:a:simplemachines:smf:1.0.20
Simplemachines » Smf » Version: 1.0.21

cpe:2.3:a:simplemachines:smf:1.0.21
Simplemachines » Smf » Version: 1.0.3

cpe:2.3:a:simplemachines:smf:1.0.3
Simplemachines » Smf » Version: 1.0.4

cpe:2.3:a:simplemachines:smf:1.0.4
Simplemachines » Smf » Version: 1.0.5

cpe:2.3:a:simplemachines:smf:1.0.5
Simplemachines » Smf » Version: 1.0.6

cpe:2.3:a:simplemachines:smf:1.0.6
Simplemachines » Smf » Version: 1.0.7

cpe:2.3:a:simplemachines:smf:1.0.7
Simplemachines » Smf » Version: 1.0.8

cpe:2.3:a:simplemachines:smf:1.0.8
Simplemachines » Smf » Version: 1.0.9

cpe:2.3:a:simplemachines:smf:1.0.9
Simplemachines » Smf » Version: 1.1

cpe:2.3:a:simplemachines:smf:1.1
Simplemachines » Smf » Version: 1.1.1

cpe:2.3:a:simplemachines:smf:1.1.1
Simplemachines » Smf » Version: 1.1.10

cpe:2.3:a:simplemachines:smf:1.1.10
Simplemachines » Smf » Version: 1.1.11

cpe:2.3:a:simplemachines:smf:1.1.11
Simplemachines » Smf » Version: 1.1.2

cpe:2.3:a:simplemachines:smf:1.1.2
Simplemachines » Smf » Version: 1.1.3

cpe:2.3:a:simplemachines:smf:1.1.3
Simplemachines » Smf » Version: 1.1.4

cpe:2.3:a:simplemachines:smf:1.1.4
Simplemachines » Smf » Version: 1.1.5

cpe:2.3:a:simplemachines:smf:1.1.5
Simplemachines » Smf » Version: 1.1.6

cpe:2.3:a:simplemachines:smf:1.1.6
Simplemachines » Smf » Version: 1.1.7

cpe:2.3:a:simplemachines:smf:1.1.7
Simplemachines » Smf » Version: 1.1.8

cpe:2.3:a:simplemachines:smf:1.1.8
Simplemachines » Smf » Version: 1.1.9

cpe:2.3:a:simplemachines:smf:1.1.9
Simplemachines » Smf » Version: 2.0

cpe:2.3:a:simplemachines:smf:2.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-1130

Products

Pricing

Contact Us