VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Jun 21, 2011· Updated Apr 29, 2026

CVE-2011-1130

CVE-2011-1130

Description

Simple Machines Forum (SMF) before 1.1.13, and 2.x before 2.0 RC5, does not properly validate the start parameter, which might allow remote attackers to conduct SQL injection attacks, obtain sensitive information, or cause a denial of service via a crafted value, related to the cleanRequest function in QueryString.php and the constructPageIndex function in Subs.php.

Affected products

57
  • Simplemachines/Smf57 versions
    cpe:2.3:a:simplemachines:smf:*:*:*:*:*:*:*:*+ 56 more
    • cpe:2.3:a:simplemachines:smf:*:*:*:*:*:*:*:*range: <=1.1.12
    • cpe:2.3:a:simplemachines:smf:1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0.10:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0.12:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0.13:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0.14:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0.15:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0.16:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0.17:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0.18:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0.19:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0.20:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0.21:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0.9:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0:beta4:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0:beta4.1:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0:beta5:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0:beta6:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.0:rc2:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.1.10:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.1.11:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.1.7:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.1.8:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.1.9:*:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.1:beta1:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.1:beta2:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.1:beta3:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.1:beta4:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.1:rc1:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.1:rc2:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:1.1:rc3:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:2.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:2.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:2.0:beta2.1:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:2.0:beta3:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:2.0:beta3.1:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:2.0:beta4:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:2.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:2.0:rc2:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:2.0:rc3:*:*:*:*:*:*
    • cpe:2.3:a:simplemachines:smf:2.0:rc4:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

4

News mentions

0

No linked articles in our index yet.