Security News > 2017 > May > Vanilla Forums Software Vulnerable to RCE, Host Header Injection Vulnerability (Threatpost)

Vanilla Forums Software Vulnerable to RCE, Host Header Injection Vulnerability (Threatpost)

2017-05-11 20:39

Vanilla Forums software suffers from vulnerabilities that could let an attacker gain access to user accounts, carry out web-cache poisoning attacks, and in some instances, execute arbitrary code.

News URL

http://threatpost.com/vanilla-forums-software-vulnerable-to-rce-host-header-injection-vulnerability/125615/

#RCE #threatpost #vulnerability

Related news

MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364) (source)
Critical PHP RCE vulnerability mass exploited in new attacks (source)
Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120) (source)
Infoseccers criticize Veeam over critical RCE vulnerability and a failing blacklist (source)
Critical Ingress NGINX Controller Vulnerability Allows RCE Without Authentication (source)
Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457) (source)

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.