Vanilla Forums

Pierluigi Paganini May 12, 2017
UPDATED – Vanilla Forums software is still affected by a critical remote code execution zero-day first reported in December 2016.

The popular Vanilla Forums software is still affected by a critical remote code execution zero-day first reported to the development team in December 2016. The exploit code was published by ExploitBox, a remote attacker can chain the flaw with the Host Header injection vulnerability CVE-2016-10073 to execute arbitrary code and take the control of the affected […]