Namelessmc

Nameless

20 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2025-32389

Exploit
  • EPSS 0.41%
  • Veröffentlicht 18.04.2025 15:56:39
  • Zuletzt bearbeitet 13.05.2025 15:23:15

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Prior to version 2.1.4, NamelessMC is vulnerable to SQL injection by providing an unexpected square bracket GET parameter syntax. Square bracket GET parameter syntax...

5.3

CVE-2025-31120

Exploit
  • EPSS 0.4%
  • Veröffentlicht 18.04.2025 15:52:57
  • Zuletzt bearbeitet 13.05.2025 15:24:49

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, an insecure view count mechanism in the forum page allows an unauthenticated attacker to artificially increase the view count. The applic...

7.1

CVE-2025-31118

Exploit
  • EPSS 0.45%
  • Veröffentlicht 18.04.2025 15:52:36
  • Zuletzt bearbeitet 13.05.2025 15:27:06

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, forum quick reply feature (view_topic.php) does not implement any spam prevention mechanism. This allows authenticated users to continuou...

6.8

CVE-2025-30357

Exploit
  • EPSS 0.38%
  • Veröffentlicht 18.04.2025 15:51:21
  • Zuletzt bearbeitet 13.05.2025 15:40:18

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, if a malicious user is leaving spam comments on many topics then an administrator, unable to manually remove each spam comment, may delet...

7.1

CVE-2025-30158

Exploit
  • EPSS 0.45%
  • Veröffentlicht 18.04.2025 15:50:49
  • Zuletzt bearbeitet 13.05.2025 15:40:58

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, the forum allows users to post iframe elements inside forum topics/comments/feed with no restriction on the iframe's width and height att...

7.5

CVE-2025-29784

Exploit
  • EPSS 0.54%
  • Veröffentlicht 18.04.2025 15:50:17
  • Zuletzt bearbeitet 13.05.2025 15:41:25

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, the s parameter in GET requests for forum search functionality lacks length validation, allowing attackers to submit excessively long sea...

9.8

CVE-2025-22144

Exploit
  • EPSS 0.73%
  • Veröffentlicht 13.01.2025 20:15:29
  • Zuletzt bearbeitet 13.05.2025 15:42:53

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. A user with admincp.core.emails or admincp.users.edit permissions can validate users and an attacker can reset their password. When the account is successfully appro...

5.4

CVE-2025-22142

Exploit
  • EPSS 0.27%
  • Veröffentlicht 13.01.2025 20:15:29
  • Zuletzt bearbeitet 13.05.2025 15:19:03

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In affected versions an admin can add the ability to have users fill out an additional field and users can inject javascript code into it that would be activated onc...

7.5

CVE-2022-2821

Exploit
  • EPSS 1.12%
  • Veröffentlicht 15.08.2022 11:21:32
  • Zuletzt bearbeitet 21.11.2024 07:01:45

Missing Critical Step in Authentication in GitHub repository namelessmc/nameless prior to v2.0.2.

8.2

CVE-2022-2820

Exploit
  • EPSS 0.59%
  • Veröffentlicht 15.08.2022 11:21:31
  • Zuletzt bearbeitet 25.02.2026 15:19:05

Session Fixation in GitHub repository namelessmc/nameless prior to v2.0.2.