HIGH🇬🇧 English

CVE-2025-31118

CVSS 7.1v3.1pub. 2025-04-18upd. 2025-05-13

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, forum quick reply feature (view_topic.php) does not implement any spam prevention mechanism. This allows authenticated users to continuously post replies without any time restriction, resulting in an uncontrolled surge of posts that can disrupt normal operations. This issue has been patched in version 2.2.0.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
  • Namelessmc Nameless

    APP
    Namelessmc
    < 2.2.0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2025-54117CRITICAL9.0PL ✓ten sam produkt

XSS w edytorze tekstu panelu administracyjnego NamelessMC

CVE-2025-22144CRITICAL9.0PL ✓ten sam produkt

NamelessMC — przejęcie konta przez pusty kod resetowania hasła

CVE-2025-54421HIGH7.2ten sam produkt

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Cross-site scripting (XSS...

CVE-2025-30357HIGH7.3ten sam produkt

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prio...

CVE-2025-29784HIGH7.5ten sam produkt

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prio...