2018-11-02 12:06:58 -04:00
|
|
|
{
|
2019-03-18 00:07:56 +00:00
|
|
|
"CVE_data_meta": {
|
|
|
|
"ASSIGNER": "cve@mitre.org",
|
|
|
|
"ID": "CVE-2018-18903",
|
|
|
|
"STATE": "PUBLIC"
|
|
|
|
},
|
|
|
|
"affects": {
|
|
|
|
"vendor": {
|
|
|
|
"vendor_data": [
|
|
|
|
{
|
|
|
|
"product": {
|
|
|
|
"product_data": [
|
|
|
|
{
|
|
|
|
"product_name": "n/a",
|
|
|
|
"version": {
|
|
|
|
"version_data": [
|
|
|
|
{
|
|
|
|
"version_value": "n/a"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
}
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
"vendor_name": "n/a"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
}
|
|
|
|
},
|
|
|
|
"data_format": "MITRE",
|
|
|
|
"data_type": "CVE",
|
|
|
|
"data_version": "4.0",
|
|
|
|
"description": {
|
|
|
|
"description_data": [
|
2018-11-03 01:08:17 -04:00
|
|
|
{
|
2019-03-18 00:07:56 +00:00
|
|
|
"lang": "eng",
|
|
|
|
"value": "Vanilla 2.6.x before 2.6.4 allows remote code execution."
|
2018-11-03 01:08:17 -04:00
|
|
|
}
|
2019-03-18 00:07:56 +00:00
|
|
|
]
|
|
|
|
},
|
|
|
|
"problemtype": {
|
|
|
|
"problemtype_data": [
|
|
|
|
{
|
|
|
|
"description": [
|
|
|
|
{
|
|
|
|
"lang": "eng",
|
|
|
|
"value": "n/a"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
"references": {
|
|
|
|
"reference_data": [
|
|
|
|
{
|
|
|
|
"name": "https://srcincite.io/blog/2018/10/02/old-school-pwning-with-new-school-tricks-vanilla-forums-remote-code-execution.html",
|
|
|
|
"refsource": "MISC",
|
|
|
|
"url": "https://srcincite.io/blog/2018/10/02/old-school-pwning-with-new-school-tricks-vanilla-forums-remote-code-execution.html"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"name": "https://github.com/vanilla/vanilla/releases/tag/Vanilla_2.6.4",
|
|
|
|
"refsource": "MISC",
|
|
|
|
"url": "https://github.com/vanilla/vanilla/releases/tag/Vanilla_2.6.4"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"name": "https://open.vanillaforums.com/discussion/36771/security-update-vanilla-2-6-4",
|
|
|
|
"refsource": "MISC",
|
|
|
|
"url": "https://open.vanillaforums.com/discussion/36771/security-update-vanilla-2-6-4"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
}
|
|
|
|
}
|