Vanilla
by Vanilla OS
CVEs (13)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-10073 | | High | 0.56 | 7.5 | 0.54 | | May 23, 2017 | The from method in library/core/class.email.php in Vanilla Forums before 2.3.1 allows remote attackers to spoof the email domain in sent messages and potentially obtain sensitive information via a crafted HTTP Host header, as demonstrated by a password reset request. |
| CVE-2006-3850 | | | 0.04 | — | 0.07 | | Jul 25, 2006 | PHP remote file inclusion vulnerability in upgrader.php in Vanilla CMS 1.0.1 and earlier, when /conf/old_settings.php exists, allows remote attackers to execute arbitrary PHP code via a URL in the RootDirectory parameter. NOTE: this issue has been disputed by a third party who… |
| CVE-2020-8825 | | | 0.03 | — | 0.01 | | Feb 10, 2020 | index.php?p=/dashboard/settings/branding in Vanilla 2.6.3 allows stored XSS. |
| CVE-2017-1000432 | | | 0.03 | — | 0.00 | | Jan 2, 2018 | Vanilla Forums below 2.1.5 are affected by CSRF, leading to deletion of topics and comments from forums with admin access. |
| CVE-2020-36474 | | | 0.00 | — | 0.01 | | Aug 20, 2021 | SafeCurl before 0.9.2 has a DNS rebinding vulnerability. |
| CVE-2011-3614 | | | 0.00 | — | 0.01 | | Jan 22, 2020 | An Access Control vulnerability exists in the Facebook, Twitter, and Embedded plugins in Vanilla Forums before 2.0.17.9. |
| CVE-2019-9889 | | | 0.00 | — | 0.00 | | Mar 20, 2019 | In Vanilla before 2.6.4, a flaw exists within the getSingleIndex function of the AddonManager class. The issue results in a require call using a crafted type value, leading to Directory Traversal with File Inclusion. An attacker can leverage this vulnerability to execute code… |
| CVE-2018-19499 | | | 0.00 | — | 0.02 | | Nov 23, 2018 | Vanilla before 2.5.5 and 2.6.x before 2.6.2 allows Remote Code Execution because authenticated administrators have a reachable call to unserialize in the Gdn_Format class. |
| CVE-2018-18903 | | | 0.00 | — | 0.05 | | Nov 3, 2018 | Vanilla 2.6.x before 2.6.4 allows remote code execution. |
| CVE-2018-17571 | | | 0.00 | — | 0.00 | | Sep 28, 2018 | Vanilla before 2.6.1 allows XSS via the email field of a profile. |
| CVE-2018-16410 | | | 0.00 | — | 0.00 | | Sep 3, 2018 | Vanilla before 2.6.1 allows SQL injection via an invitationID array to /profile/deleteInvitation, related to applications/dashboard/models/class.invitationmodel.php and applications/dashboard/controllers/class.profilecontroller.php. |
| CVE-2018-15833 | | | 0.00 | — | 0.00 | | Aug 26, 2018 | In Vanilla before 2.6.1, the polling functionality allows Insecure Direct Object Reference (IDOR) via the Poll ID, leading to the ability of a single user to select multiple Poll Options (e.g., vote for multiple items). |
| CVE-2011-3812 | | | 0.00 | — | 0.00 | | Sep 24, 2011 | Vanilla 2.0.16 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by plugins/Minify/min/utils.php and certain other files. |