Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vanillaforums vanilla vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2011-3613
An issue exists in Vanilla Forums prior to 2.0.17.9 due to the way cookies are handled.
Vanillaforums Vanilla
5
CVSSv2
CVE-2016-10073
The from method in library/core/class.email.php in Vanilla Forums prior to 2.3.1 allows remote malicious users to spoof the email domain in sent messages and potentially obtain sensitive information via a crafted HTTP Host header, as demonstrated by a password reset request.
Vanillaforums Vanilla
1 EDB exploit
1 Article
6.5
CVSSv2
CVE-2018-19499
Vanilla prior to 2.5.5 and 2.6.x prior to 2.6.2 allows Remote Code Execution because authenticated administrators have a reachable call to unserialize in the Gdn_Format class.
Vanillaforums Vanilla
7.5
CVSSv2
CVE-2011-3614
An Access Control vulnerability exists in the Facebook, Twitter, and Embedded plugins in Vanilla Forums prior to 2.0.17.9.
Vanillaforums Vanilla
7.5
CVSSv2
CVE-2018-18903
Vanilla 2.6.x prior to 2.6.4 allows remote code execution.
Vanillaforums Vanilla
4
CVSSv2
CVE-2019-9889
In Vanilla prior to 2.6.4, a flaw exists within the getSingleIndex function of the AddonManager class. The issue results in a require call using a crafted type value, leading to Directory Traversal with File Inclusion. An attacker can leverage this vulnerability to execute code u...
Vanillaforums Vanilla
3.5
CVSSv2
CVE-2020-8825
index.php?p=/dashboard/settings/branding in Vanilla 2.6.3 allows stored XSS.
Vanillaforums Vanilla 2.6.3
1 Github repository
6
CVSSv2
CVE-2017-1000432
Vanilla Forums below 2.1.5 are affected by CSRF leading to Deleting topics and comments from forums Admin access
Vanillaforums Vanilla Forums
1 EDB exploit
5.8
CVSSv2
CVE-2010-4266
It was found in vanilla forums prior to 2.0.10 a potential linkbait vulnerability in dispatcher.
Vanillaforums Vanilla Forums
4
CVSSv2
CVE-2018-15833
In Vanilla prior to 2.6.1, the polling functionality allows Insecure Direct Object Reference (IDOR) via the Poll ID, leading to the ability of a single user to select multiple Poll Options (e.g., vote for multiple items).
Vanillaforums Vanilla Forums
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »