CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
73.1%
The PlushSearch2 function in Search.php in Simple Machines Forum (SMF) before 1.1.13, and 2.x before 2.0 RC5, uses certain cached data in a situation where a temporary table has been created, even though this cached data is intended only for situations where a temporary table has not been created, which might allow remote attackers to obtain sensitive information via a search.
Vendor | Product | Version | CPE |
---|---|---|---|
simplemachines | smf | * | cpe:2.3:a:simplemachines:smf:*:*:*:*:*:*:*:* |
simplemachines | smf | 1.0 | cpe:2.3:a:simplemachines:smf:1.0:*:*:*:*:*:*:* |
simplemachines | smf | 1.0 | cpe:2.3:a:simplemachines:smf:1.0:beta4:*:*:*:*:*:* |
simplemachines | smf | 1.0 | cpe:2.3:a:simplemachines:smf:1.0:beta4.1:*:*:*:*:*:* |
simplemachines | smf | 1.0 | cpe:2.3:a:simplemachines:smf:1.0:beta5:*:*:*:*:*:* |
simplemachines | smf | 1.0 | cpe:2.3:a:simplemachines:smf:1.0:beta6:*:*:*:*:*:* |
simplemachines | smf | 1.0 | cpe:2.3:a:simplemachines:smf:1.0:rc1:*:*:*:*:*:* |
simplemachines | smf | 1.0 | cpe:2.3:a:simplemachines:smf:1.0:rc2:*:*:*:*:*:* |
simplemachines | smf | 1.0.1 | cpe:2.3:a:simplemachines:smf:1.0.1:*:*:*:*:*:*:* |
simplemachines | smf | 1.0.2 | cpe:2.3:a:simplemachines:smf:1.0.2:*:*:*:*:*:*:* |