Vanilla@2.0.18 Security Vulnerabilities and Issues — Vanilla@2.0.18 CVE List

Lucene search

VanillaforumsVanilla2.0.18

3 matches found

CVE•added 2013/05/10 9:55 p.m.•50 views

CVE-2013-3528

Unspecified vulnerability in the update check in Vanilla Forums before 2.0.18.8 has unspecified impact and remote attack vectors, related to "object injection."

7.5CVSS6.5AI score0.04513EPSS

CVE•added 2012/11/15 11:58 a.m.•46 views

CVE-2012-4954

The edit-profile page in Vanilla Forums before 2.1a32 allows remote authenticated users to modify arbitrary profile settings by replacing the UserID value during a man-in-the-middle attack, related to a "parameter manipulation" issue.

3.5CVSS6.5AI score0.00315EPSS

CVE•added 2013/05/10 9:55 p.m.•36 views

CVE-2013-3527

Multiple SQL injection vulnerabilities in Vanilla Forums before 2.0.18.8 allow remote attackers to execute arbitrary SQL commands via the parameter name in the Form/Email array to (1) entry/signin or (2) entry/passwordrequest.

7.5CVSS8.8AI score0.03643EPSS