Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lussumo vanilla 0.9.2 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-3759
Cross-site request forgery (CSRF) vulnerability in ajax/UpdateCheck.php in Vanilla 1.1.4 and previous versions has unknown impact and remote attack vectors.
Lussumo Vanilla 1.0.3
Lussumo Vanilla 1.1
Lussumo Vanilla 1.0.1
Lussumo Vanilla 1.0.2
Lussumo Vanilla 0.9.2
Lussumo Vanilla 1
Lussumo Vanilla 1.1.3
Lussumo Vanilla
Lussumo Vanilla 1.1.1
Lussumo Vanilla 1.1.2
4.3
CVSSv2
CVE-2008-3758
Multiple cross-site scripting (XSS) vulnerabilities in Lussumo Vanilla 1.1.4 and previous versions (1) allow remote malicious users to inject arbitrary web script or HTML via the NewPassword parameter to people.php, and allow remote authenticated users to inject arbitrary web scr...
Lussumo Vanilla 0.9.2
Lussumo Vanilla 1.1.2
Lussumo Vanilla 1.1.3
Lussumo Vanilla 1.1
Lussumo Vanilla 1.1.1
Lussumo Vanilla 1.0.2
Lussumo Vanilla 1.0.3
Lussumo Vanilla 1
Lussumo Vanilla 1.0.1
Lussumo Vanilla
1 EDB exploit
4.3
CVSSv2
CVE-2008-3760
Cross-site request forgery (CSRF) vulnerability in the sign-out page in Vanilla 1.1.4 and previous versions allows remote malicious users to hijack the authentication of arbitrary users for requests that trigger a logout via a SignOutNow action to people.php.
Lussumo Vanilla 1.0.1
Lussumo Vanilla 1.0.2
Lussumo Vanilla 0.9.2
Lussumo Vanilla 1
Lussumo Vanilla 1.1.3
Lussumo Vanilla
Lussumo Vanilla 1.1.1
Lussumo Vanilla 1.1.2
Lussumo Vanilla 1.0.3
Lussumo Vanilla 1.1
3.5
CVSSv2
CVE-2008-3874
Cross-site scripting (XSS) vulnerability in account.php in Lussumo Vanilla 1.1.5-rc1, 1.1.4, and previous versions allows remote authenticated users to inject arbitrary web script or HTML via the Value field (aka Label ==> Value pairs). NOTE: some of these details are obtained...
Lussumo Vanilla 1.1.1
Lussumo Vanilla 1.1.2
Lussumo Vanilla 1.0.1
Lussumo Vanilla 1.0.2
Lussumo Vanilla
Lussumo Vanilla 1.0.3
Lussumo Vanilla 1.1
Lussumo Vanilla 0.9.2
Lussumo Vanilla 1
Lussumo Vanilla 1.1.3
Lussumo Vanilla 1.1.4
7.5
CVSSv2
CVE-2010-1337
Multiple PHP remote file inclusion vulnerabilities in definitions.php in Lussumo Vanilla 1.1.10, and possibly 0.9.2 and other versions, allow remote malicious users to execute arbitrary PHP code via a URL in the (1) include and (2) Configuration['LANGUAGE'] parameters.
Lussumo Vanilla 1.1.8
Lussumo Vanilla 1.1.7
Lussumo Vanilla 1.1.2
Lussumo Vanilla 1.1.1
Lussumo Vanilla
Lussumo Vanilla 1.1.9
Lussumo Vanilla 1.1.5
Lussumo Vanilla 1.1.4
Lussumo Vanilla 1.1.3
Lussumo Vanilla 0.9.2
Lussumo Vanilla 1.0.2
Lussumo Vanilla 1.0.1
Lussumo Vanilla 1.1.6
Lussumo Vanilla 1.1
Lussumo Vanilla 1.0.3
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
client side
CVE-2023-31889
template injection
CVE-2024-4304
CVE-2006-4304
CVE-2024-33272
type confusion
CVE-2024-21345
CVE-2024-33271
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started