HIGH🇵🇱 Wersja polska

CVE-2025-31118

CVSS 7.1v3.1pub. 2025-04-18upd. 2025-05-13

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, forum quick reply feature (view_topic.php) does not implement any spam prevention mechanism. This allows authenticated users to continuously post replies without any time restriction, resulting in an uncontrolled surge of posts that can disrupt normal operations. This issue has been patched in version 2.2.0.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
  • Namelessmc Nameless

    APP
    Namelessmc
    < 2.2.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2025-54117CRITICAL9.0PL ✓ten sam produkt

XSS w edytorze tekstu panelu administracyjnego NamelessMC

CVE-2025-22144CRITICAL9.0PL ✓ten sam produkt

NamelessMC — przejęcie konta przez pusty kod resetowania hasła

CVE-2025-54421HIGH7.2ten sam produkt

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Cross-site scripting (XSS...

CVE-2025-30357HIGH7.3ten sam produkt

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prio...

CVE-2025-29784HIGH7.5ten sam produkt

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prio...