CVE-2013-3528

2013-05-1021:55:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

cve-2013-3528

vanilla forums

vulnerability

update check

remote attack vectors

6.5 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.007 Low

EPSS

Percentile

79.6%

JSON

Unspecified vulnerability in the update check in Vanilla Forums before 2.0.18.8 has unspecified impact and remote attack vectors, related to “object injection.”

CPENameOperatorVersion
vanillaforums:vanillavanillaforums vanillaeq2.0.16
vanillaforums:vanillavanillaforums vanillaeq2.0.1
vanillaforums:vanillavanillaforums vanillaeq2.0.2
vanillaforums:vanillavanillaforums vanillaeq2.0.3
vanillaforums:vanillavanillaforums vanillaeq2.0.4
vanillaforums:vanillavanillaforums vanillaeq2.0.5
vanillaforums:vanillavanillaforums vanillaeq2.0.6
vanillaforums:vanillavanillaforums vanillaeq2.0.7
vanillaforums:vanillavanillaforums vanillaeq2.0.8
vanillaforums:vanillavanillaforums vanillaeq2.0.9

CPE	Name	Operator	Version
vanillaforums:vanilla	vanillaforums vanilla	eq	2.0.16
vanillaforums:vanilla	vanillaforums vanilla	eq	2.0.1
vanillaforums:vanilla	vanillaforums vanilla	eq	2.0.2
vanillaforums:vanilla	vanillaforums vanilla	eq	2.0.3
vanillaforums:vanilla	vanillaforums vanilla	eq	2.0.4
vanillaforums:vanilla	vanillaforums vanilla	eq	2.0.5
vanillaforums:vanilla	vanillaforums vanilla	eq	2.0.6
vanillaforums:vanilla	vanillaforums vanilla	eq	2.0.7
vanillaforums:vanilla	vanillaforums vanilla	eq	2.0.8
vanillaforums:vanilla	vanillaforums vanilla	eq	2.0.9