cve/2011/CVE-2011-1131.md

CVE-2011-1131

Description

The PlushSearch2 function in Search.php in Simple Machines Forum (SMF) before 1.1.13, and 2.x before 2.0 RC5, uses certain cached data in a situation where a temporary table has been created, even though this cached data is intended only for situations where a temporary table has not been created, which might allow remote attackers to obtain sensitive information via a search.

POC

Reference

• http://custom.simplemachines.org/mods/downloads/smf_patch_2.0-RC4_security.zip

Github

No PoCs found on GitHub currently.