Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lussumo vanilla 1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-3760
Cross-site request forgery (CSRF) vulnerability in the sign-out page in Vanilla 1.1.4 and previous versions allows remote malicious users to hijack the authentication of arbitrary users for requests that trigger a logout via a SignOutNow action to people.php.
Lussumo Vanilla 1.1.2
Lussumo Vanilla 1.0.2
Lussumo Vanilla 1.1
Lussumo Vanilla
Lussumo Vanilla 1.1.3
Lussumo Vanilla 1.0.1
Lussumo Vanilla 1
Lussumo Vanilla 1.0.3
Lussumo Vanilla 0.9.2
Lussumo Vanilla 1.1.1
NA
CVE-2008-3758
Multiple cross-site scripting (XSS) vulnerabilities in Lussumo Vanilla 1.1.4 and previous versions (1) allow remote malicious users to inject arbitrary web script or HTML via the NewPassword parameter to people.php, and allow remote authenticated users to inject arbitrary web scr...
Lussumo Vanilla 1.1.2
Lussumo Vanilla 1.0.2
Lussumo Vanilla 1.1
Lussumo Vanilla
Lussumo Vanilla 1.1.3
Lussumo Vanilla 1.0.1
Lussumo Vanilla 1
Lussumo Vanilla 1.0.3
Lussumo Vanilla 0.9.2
Lussumo Vanilla 1.1.1
1 EDB exploit
NA
CVE-2008-3759
Cross-site request forgery (CSRF) vulnerability in ajax/UpdateCheck.php in Vanilla 1.1.4 and previous versions has unknown impact and remote attack vectors.
Lussumo Vanilla 1.1.2
Lussumo Vanilla 1.0.2
Lussumo Vanilla 1.1
Lussumo Vanilla
Lussumo Vanilla 1.1.3
Lussumo Vanilla 1.0.1
Lussumo Vanilla 1
Lussumo Vanilla 1.0.3
Lussumo Vanilla 0.9.2
Lussumo Vanilla 1.1.1
NA
CVE-2008-3874
Cross-site scripting (XSS) vulnerability in account.php in Lussumo Vanilla 1.1.5-rc1, 1.1.4, and previous versions allows remote authenticated users to inject arbitrary web script or HTML via the Value field (aka Label ==> Value pairs). NOTE: some of these details are obtained...
Lussumo Vanilla
Lussumo Vanilla 1.1.2
Lussumo Vanilla 1.0.2
Lussumo Vanilla 1.1
Lussumo Vanilla 1.1.4
Lussumo Vanilla 1.1.3
Lussumo Vanilla 1.0.1
Lussumo Vanilla 1
Lussumo Vanilla 1.0.3
Lussumo Vanilla 0.9.2
Lussumo Vanilla 1.1.1
NA
CVE-2010-1337
Multiple PHP remote file inclusion vulnerabilities in definitions.php in Lussumo Vanilla 1.1.10, and possibly 0.9.2 and other versions, allow remote malicious users to execute arbitrary PHP code via a URL in the (1) include and (2) Configuration['LANGUAGE'] parameters.
Lussumo Vanilla 1.1.7
Lussumo Vanilla 1.1.5
Lussumo Vanilla 1.1.2
Lussumo Vanilla 1.0.2
Lussumo Vanilla 1.1
Lussumo Vanilla 1.1.4
Lussumo Vanilla 1.1.3
Lussumo Vanilla 1.1.6
Lussumo Vanilla 1.1.9
Lussumo Vanilla 1.1.8
Lussumo Vanilla 1.0.1
Lussumo Vanilla
Lussumo Vanilla 1.0.3
Lussumo Vanilla 0.9.2
Lussumo Vanilla 1.1.1
1 EDB exploit
NA
CVE-2007-5644
Lussumo Vanilla 1.1.3 and previous versions does not require admin privileges for (1) ajax/sortcategories.php and (2) ajax/sortroles.php, which allows remote malicious users to conduct unauthorized sort operations and other activities.
Lussumo Vanilla
1 EDB exploit
NA
CVE-2007-5643
Multiple SQL injection vulnerabilities in Lussumo Vanilla 1.1.3 and previous versions allow remote malicious users to execute arbitrary SQL commands via (1) the CategoryID parameter to ajax/sortcategories.php or (2) an unspecified vector to ajax/sortroles.php.
Lussumo Vanilla
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started