4 matches found
CVE-2018-18903
Vanilla 2.6.x before 2.6.4 allows remote code execution...
CVE-2018-18903
Vanilla 2.6.x before 2.6.4 allows remote code execution...
CVE-2018-18903
Vanilla 2.6.x before 2.6.4 allows remote code execution...
CVE-2018-18903
The CVE-2018-18903 issue affects Vanilla Forums (Vanilla) in the domGetImages function of the ImportController, where unserialize via a crafted phar archive enables remote code execution without authentication. This is tied to Vanilla Forums prior to 2.6.4. Affected product: Vanilla Forums; vulne...