Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vanillaforums vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2010-4264
It was found in vanilla forums prior to 2.0.10 a cross-site scripting vulnerability where a filename could contain arbitrary code to execute on the client side.
Vanillaforums Vanilla Forums
516
VMScore
CVE-2010-4266
It was found in vanilla forums prior to 2.0.10 a potential linkbait vulnerability in dispatcher.
Vanillaforums Vanilla Forums
312
VMScore
CVE-2020-8825
index.php?p=/dashboard/settings/branding in Vanilla 2.6.3 allows stored XSS.
Vanillaforums Vanilla 2.6.3
1 Github repository
383
VMScore
CVE-2011-1009
Vanilla Forums 2.0.17.1 up to and including 2.0.17.5 has XSS in /vanilla/index.php via the p parameter.
Vanillaforums Vanilla
668
VMScore
CVE-2011-3614
An Access Control vulnerability exists in the Facebook, Twitter, and Embedded plugins in Vanilla Forums prior to 2.0.17.9.
Vanillaforums Vanilla
445
VMScore
CVE-2011-3613
An issue exists in Vanilla Forums prior to 2.0.17.9 due to the way cookies are handled.
Vanillaforums Vanilla
356
VMScore
CVE-2019-9889
In Vanilla prior to 2.6.4, a flaw exists within the getSingleIndex function of the AddonManager class. The issue results in a require call using a crafted type value, leading to Directory Traversal with File Inclusion. An attacker can leverage this vulnerability to execute code u...
Vanillaforums Vanilla
312
VMScore
CVE-2019-8279
Multiple stored XSS in Vanilla Forums prior to 2.5 allow remote malicious users to inject arbitrary JavaScript code into any message on forum.
Vanillaforums Vanilla Forums
578
VMScore
CVE-2018-19499
Vanilla prior to 2.5.5 and 2.6.x prior to 2.6.2 allows Remote Code Execution because authenticated administrators have a reachable call to unserialize in the Gdn_Format class.
Vanillaforums Vanilla
668
VMScore
CVE-2018-18903
Vanilla 2.6.x prior to 2.6.4 allows remote code execution.
Vanillaforums Vanilla
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
firmware
CVE-2006-4304
CVE-2024-32878
CVE-2024-31502
XSS
CVE-2024-3059
CVE-2024-33692
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »