Lucene search
F5F5:K16445454HistoryFeb 26, 2018 - 12:00 a.m.
K16445454 : Vanilla Forums vulnerability CVE-2016-10073
2018-02-2600:00:00
my.f5.com
17
Security Advisory Description
The from method in library/core/class.email.php in Vanilla Forums before 2.3.1 allows remote attackers to spoof the email domain in sent messages and potentially obtain sensitive information via a crafted HTTP Host header, as demonstrated by a password reset request. (CVE-2016-10073)
Impact
There is no impact; F5 products are not affected by this vulnerability.
Related
cvelist
cvelist
CVE-2016-10073
2017-05-23 03:56:00
cve
cve
CVE-2016-10073
2017-05-23 04:29:01
nvd
nvd
CVE-2016-10073
2017-05-23 04:29:01
nessus
nessus
Vanilla Forums Header Injection Remote Code Execution
2017-11-17 00:00:00
prion
prion
Design/Logic Flaw
2017-05-23 04:29:00
zdt
zdt
Vanilla Forums < 2.3 - Remote Code Execution Exploit
2017-05-12 00:00:00
thn
thn
0-Day Flaws in Vanilla Forums Let Remote Attackers Hack Websites
2017-05-11 21:33:00
packetstorm
packetstorm
Vanilla Forums 2.3 Remote Code Execution
2017-05-12 00:00:00
seebug
seebug
Vanilla Forums <= 2.3 Unauth Remote Code Execution (CVE-2016-10033)
2017-05-12 00:00:00
exploitpack
exploitpack
Vanilla Forums 2.3 - Remote Code Execution
2017-05-11 00:00:00
threatpost
threatpost
exploitdb
exploitdb
Vanilla Forums < 2.3 - Remote Code Execution
2017-05-11 00:00:00