Vanillaforums : Security Vulnerabilities, CVEs, Published In 2012

CVE-2012-4954

The edit-profile page in Vanilla Forums before 2.1a32 allows remote authenticated users to modify arbitrary profile settings by replacing the UserID value during a man-in-the-middle attack, related to a "parameter manipulation" issue.
Max CVSS
3.5
EPSS Score
0.15%
Published
2012-11-15
Updated
2020-06-04
1 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close