Required CVE Record Information
Description
SSI.php in Simple Machines Forum (SMF) before 1.1.13, and 2.x before 2.0 RC5, does not properly restrict guest access, which allows remote attackers to have an unspecified impact via unknown vectors.
References 4 Total
- openwall.com: [oss-security] 20110222 CVE request: simple machines forum before 1.1.13 mailing-list
- http://www.simplemachines.org/community/index.php?topic=421547.0
- openwall.com: [oss-security] 20110302 Re: CVE request: simple machines forum before 1.1.13 mailing-list
- http://custom.simplemachines.org/mods/downloads/smf_patch_2.0-RC4_security.zip
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 4 Total
- openwall.com: [oss-security] 20110222 CVE request: simple machines forum before 1.1.13 mailing-listx_transferred
- http://www.simplemachines.org/community/index.php?topic=421547.0 x_transferred
- openwall.com: [oss-security] 20110302 Re: CVE request: simple machines forum before 1.1.13 mailing-listx_transferred
- http://custom.simplemachines.org/mods/downloads/smf_patch_2.0-RC4_security.zip x_transferred