Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vanillaforums vanilla vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2011-3614
An Access Control vulnerability exists in the Facebook, Twitter, and Embedded plugins in Vanilla Forums prior to 2.0.17.9.
Vanillaforums Vanilla
9.8
CVSSv3
CVE-2018-18903
Vanilla 2.6.x prior to 2.6.4 allows remote code execution.
Vanillaforums Vanilla
8
CVSSv3
CVE-2017-1000432
Vanilla Forums below 2.1.5 are affected by CSRF leading to Deleting topics and comments from forums Admin access
Vanillaforums Vanilla Forums
1 EDB exploit
7.5
CVSSv3
CVE-2011-3613
An issue exists in Vanilla Forums prior to 2.0.17.9 due to the way cookies are handled.
Vanillaforums Vanilla
7.5
CVSSv3
CVE-2016-10073
The from method in library/core/class.email.php in Vanilla Forums prior to 2.3.1 allows remote malicious users to spoof the email domain in sent messages and potentially obtain sensitive information via a crafted HTTP Host header, as demonstrated by a password reset request.
Vanillaforums Vanilla
1 EDB exploit
1 Article
7.2
CVSSv3
CVE-2018-19499
Vanilla prior to 2.5.5 and 2.6.x prior to 2.6.2 allows Remote Code Execution because authenticated administrators have a reachable call to unserialize in the Gdn_Format class.
Vanillaforums Vanilla
6.5
CVSSv3
CVE-2018-16410
Vanilla prior to 2.6.1 allows SQL injection via an invitationID array to /profile/deleteInvitation, related to applications/dashboard/models/class.invitationmodel.php and applications/dashboard/controllers/class.profilecontroller.php.
Vanillaforums Vanilla 2.6.1
6.1
CVSSv3
CVE-2010-4264
It was found in vanilla forums prior to 2.0.10 a cross-site scripting vulnerability where a filename could contain arbitrary code to execute on the client side.
Vanillaforums Vanilla Forums
6.1
CVSSv3
CVE-2010-4266
It was found in vanilla forums prior to 2.0.10 a potential linkbait vulnerability in dispatcher.
Vanillaforums Vanilla Forums
6.1
CVSSv3
CVE-2011-1009
Vanilla Forums 2.0.17.1 up to and including 2.0.17.5 has XSS in /vanilla/index.php via the p parameter.
Vanillaforums Vanilla
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »