VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Jun 21, 2011· Updated Apr 29, 2026

CVE-2011-1128

CVE-2011-1128

Description

The loadUserSettings function in Load.php in Simple Machines Forum (SMF) before 1.1.13, and 2.x before 2.0 RC5, does not properly handle invalid login attempts, which might make it easier for remote attackers to obtain access or cause a denial of service via a brute-force attack.

Affected products

57
  • Simplemachines/Smf57 versions
    cpe:2.3:a:simplemachines:smf:*:*:*:*:*:*:*:*+ 56 more
    • cpe:2.3:a:simplemachines:smf:*:*:*:*:*:*:*:*range: <=1.1.12
    • cpe:2.3:a:simplemachines:smf:1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0.10:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0.12:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0.13:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0.14:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0.15:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0.16:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0.17:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0.18:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0.19:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0.20:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0.21:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0.9:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0:beta4:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0:beta4.1:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0:beta5:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0:beta6:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0:rc2:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.1.10:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.1.11:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.1.7:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.1.8:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.1.9:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.1:beta1:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.1:beta2:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.1:beta3:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.1:beta4:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.1:rc1:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.1:rc2:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.1:rc3:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:2.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:2.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:2.0:beta2.1:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:2.0:beta3:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:2.0:beta3.1:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:2.0:beta4:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:2.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:2.0:rc2:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:2.0:rc3:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:2.0:rc4:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

4

News mentions

0

No linked articles in our index yet.