Vulnerability Database

309,776

Total vulnerabilities in the database

CVE-2012-4954

The edit-profile page in Vanilla Forums before 2.1a32 allows remote authenticated users to modify arbitrary profile settings by replacing the UserID value during a man-in-the-middle attack, related to a "parameter manipulation" issue.

  • Published: Nov 15, 2012
  • Updated: Nov 9, 2025
  • CVE: CVE-2012-4954
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 3.5
  • AV:N/AC:M/Au:S/C:N/I:P/A:N

CWEs:

Software From Fixed in
vanillaforums / vanilla_forums - 2.1.x
vanillaforums / vanilla 2.0.16 2.0.16.x
vanillaforums / vanilla 2.0.0 2.0.0.x
vanillaforums / vanilla 2.0.1 2.0.1.x
vanillaforums / vanilla 2.0.2 2.0.2.x
vanillaforums / vanilla 2.0.3 2.0.3.x
vanillaforums / vanilla 2.0.4 2.0.4.x
vanillaforums / vanilla 2.0.5 2.0.5.x
vanillaforums / vanilla 2.0.6 2.0.6.x
vanillaforums / vanilla 2.0.7 2.0.7.x
vanillaforums / vanilla 2.0.8 2.0.8.x
vanillaforums / vanilla 2.0.9 2.0.9.x
vanillaforums / vanilla 2.0.10 2.0.10.x
vanillaforums / vanilla 2.0.11 2.0.11.x
vanillaforums / vanilla 2.0.12 2.0.12.x
vanillaforums / vanilla 2.0.13 2.0.13.x
vanillaforums / vanilla 2.0.14 2.0.14.x
vanillaforums / vanilla 2.0.15 2.0.15.x
vanillaforums / vanilla 2.0.16.1 2.0.16.1.x
vanillaforums / vanilla 2.0.17 2.0.17.x
vanillaforums / vanilla 2.0.17.1 2.0.17.1.x
vanillaforums / vanilla 2.0.17.2 2.0.17.2.x
vanillaforums / vanilla 2.0.17.3 2.0.17.3.x
vanillaforums / vanilla 2.0.17.4 2.0.17.4.x
vanillaforums / vanilla 2.0.17.5 2.0.17.5.x
vanillaforums / vanilla 2.0.17.6 2.0.17.6.x
vanillaforums / vanilla 2.0.17.7 2.0.17.7.x
vanillaforums / vanilla 2.0.17.8 2.0.17.8.x
vanillaforums / vanilla 2.0.17.9 2.0.17.9.x
vanillaforums / vanilla 2.0.17.10 2.0.17.10.x
vanillaforums / vanilla 2.0.18-alpha3 2.0.18-alpha3.x
vanillaforums / vanilla 2.0.18-beta1 2.0.18-beta1.x
vanillaforums / vanilla 2.0.18-beta2 2.0.18-beta2.x
vanillaforums / vanilla 2.0.18-beta4 2.0.18-beta4.x
vanillaforums / vanilla 2.0.18-rc1 2.0.18-rc1.x
vanillaforums / vanilla 2.0.18-rc2 2.0.18-rc2.x
vanillaforums / vanilla 2.0.18-rc3 2.0.18-rc3.x
vanillaforums / vanilla 2.0.18 2.0.18.x
vanillaforums / vanilla 2.0.18.1 2.0.18.1.x
vanillaforums / vanilla 2.0.18.3 2.0.18.3.x
vanillaforums / vanilla - 2.0.18.4.x