Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vanillaforums vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2010-4264
It was found in vanilla forums prior to 2.0.10 a cross-site scripting vulnerability where a filename could contain arbitrary code to execute on the client side.
Vanillaforums Vanilla Forums
5.8
CVSSv2
CVE-2010-4266
It was found in vanilla forums prior to 2.0.10 a potential linkbait vulnerability in dispatcher.
Vanillaforums Vanilla Forums
3.5
CVSSv2
CVE-2020-8825
index.php?p=/dashboard/settings/branding in Vanilla 2.6.3 allows stored XSS.
Vanillaforums Vanilla 2.6.3
1 Github repository
4.3
CVSSv2
CVE-2011-1009
Vanilla Forums 2.0.17.1 up to and including 2.0.17.5 has XSS in /vanilla/index.php via the p parameter.
Vanillaforums Vanilla
5
CVSSv2
CVE-2011-3613
An issue exists in Vanilla Forums prior to 2.0.17.9 due to the way cookies are handled.
Vanillaforums Vanilla
7.5
CVSSv2
CVE-2011-3614
An Access Control vulnerability exists in the Facebook, Twitter, and Embedded plugins in Vanilla Forums prior to 2.0.17.9.
Vanillaforums Vanilla
4
CVSSv2
CVE-2019-9889
In Vanilla prior to 2.6.4, a flaw exists within the getSingleIndex function of the AddonManager class. The issue results in a require call using a crafted type value, leading to Directory Traversal with File Inclusion. An attacker can leverage this vulnerability to execute code u...
Vanillaforums Vanilla
3.5
CVSSv2
CVE-2019-8279
Multiple stored XSS in Vanilla Forums prior to 2.5 allow remote malicious users to inject arbitrary JavaScript code into any message on forum.
Vanillaforums Vanilla Forums
6.5
CVSSv2
CVE-2018-19499
Vanilla prior to 2.5.5 and 2.6.x prior to 2.6.2 allows Remote Code Execution because authenticated administrators have a reachable call to unserialize in the Gdn_Format class.
Vanillaforums Vanilla
7.5
CVSSv2
CVE-2018-18903
Vanilla 2.6.x prior to 2.6.4 allows remote code execution.
Vanillaforums Vanilla
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29758
CVE-2023-42931
unauthorized
CVE-2024-1540
unprivileged
CVE-2023-24955
CVE-2024-20259
logic flaw
CVE-2024-20333
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »