Lucene search
K

252 matches found

CNNVD
CNNVD
added 2026/04/05 12:0 a.m.10 views

phpBB 路径遍历漏洞

phpBB is an open-source web forum software based on the PHP language. This software supports multiple languages, various databases, and custom layout designs. phpBB has a path traversal vulnerability, which stems from an arbitrary file upload vulnerability. This vulnerability could allow verified...

5.9AI score0.00183EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/04 3:30 p.m.2 views

EUVD-2018-21752

MyBB Last User's Threads in Profile Plugin 1.2 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts by crafting thread subjects with script tags. Attackers can create threads with script payloads in the subject field that execute when users...

7.2CVSS5.9AI score0.00201EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/04/01 12:0 a.m.7 views

Xenforo 代码注入漏洞

Xenforo is a forum software developed by the Xenforo company. Versions of XenForo prior to 2.3.7 had a code injection vulnerability. This vulnerability stemmed from improper restrictions on methods that could be called within templates, allowing unauthorized method calls to occur...

9.8CVSS5.9AI score0.00333EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/10 12:56 a.m.5 views

EUVD-2026-10422

flarum/nicknames extension has display name injection in notification emails autolink & markdown...

4.6CVSS5.8AI score0.00165EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/02/09 9:56 p.m.33 views

CVE-2026-25923 Phar Deserialization leading to Arbitrary File Deletion in my little forum

my little forum is a PHP and MySQL based internet forum that displays the messages in classical threaded view. Prior to 20260208.1, the application fails to filter the phar:// protocol in URL validation, allowing attackers to upload a malicious Phar Polyglot file disguised as JPEG via the image...

8.7CVSS0.00435EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/02/09 9:56 p.m.6 views

CVE-2026-25923

my little forum is a PHP and MySQL based internet forum that displays the messages in classical threaded view. Prior to 20260208.1, the application fails to filter the phar:// protocol in URL validation, allowing attackers to upload a malicious Phar Polyglot file disguised as JPEG via the image...

8.7CVSS5.8AI score0.00435EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2026/02/09 12:0 a.m.11 views

my little forum 代码问题漏洞

My Little Forum is an open-source online forum system based on PHP and MySQL. Versions prior to 20260208.1 had code vulnerabilities; these vulnerabilities stemmed from URL validation not filtering the phar protocol, which could lead to arbitrary file deletion...

9.1CVSS6AI score0.00435EPSS
Exploits1References2
NVD
NVD
added 2026/01/23 5:15 p.m.12 views

CVE-2018-25132

MyBB Trending Widget Plugin 1.2 contains a cross-site scripting vulnerability that allows attackers to inject malicious scripts through thread titles. Attackers can modify thread titles with script payloads that will execute when other users view the trending widget...

6.1CVSS0.00203EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/01/23 12:0 a.m.9 views

Thread Redirect plugin for MyBB – Cross-site scripting vulnerabilities

The Thread Redirect plugin for MyBB is a plugin developed by Jamie Sage, an individual developer. The Thread Redirect plugin for MyBB version 0.2.1 has a cross-site scripting vulnerability. This vulnerability stems from improper cleaning of custom text input fields, which may lead to cross-site...

6.1CVSS5.6AI score0.00278EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/01/09 12:40 p.m.9 views

CVE-2023-43187

A remote code execution RCE vulnerability in the xmlrpc.php endpoint of NodeBB Inc NodeBB forum software prior to v1.18.6 allows attackers to execute arbitrary code via crafted XML-RPC requests...

9.8CVSS8.3AI score0.45401EPSS
Exploits1References1
EUVD
EUVD
added 2025/12/23 12:30 a.m.5 views

EUVD-2023-60241

MyBB 1.8.32 contains a chained vulnerability that allows authenticated administrators to bypass avatar upload restrictions and execute arbitrary code. Attackers can modify upload path settings, upload a malicious PHP-embedded image file, and execute commands through the language configuration...

8.8CVSS7.1AI score0.00703EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/22 3:11 p.m.4 views

EUVD-2025-35589

my little forum is a PHP and MySQL based internet forum that displays the messages in classical threaded view. Prior to version 2.5.12, an authenticated SQL injection vulnerability in the bookmark reordering feature allows any logged-in user to execute arbitrary SQL commands. This can lead to a...

8.8CVSS7.7AI score0.00294EPSS
Exploits0References2
CVE
CVE
added 2025/10/22 3:11 p.m.18 views

CVE-2025-62606

CVE-2025-62606 affects My Little Forum (PHP/MySQL). Before version 2.5.12, an authenticated SQL injection vulnerability exists in the bookmark reordering feature, allowing any logged-in user to execute arbitrary SQL commands. This can lead to a full compromise of the application’s database (read,...

8.8CVSS7.8AI score0.00294EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/10/22 3:11 p.m.4 views

CVE-2025-62606 my little forum vulnerable to SQL Injection in Bookmark Reordering via bookmarks parameter

my little forum is a PHP and MySQL based internet forum that displays the messages in classical threaded view. Prior to version 2.5.12, an authenticated SQL injection vulnerability in the bookmark reordering feature allows any logged-in user to execute arbitrary SQL commands. This can lead to a...

8.8CVSS7.8AI score0.00294EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-2408

Malware in sbrugna...

9CVSS6.9AI score0.01275EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-2372

Malware in sbrugna...

5CVSS5.4AI score0.25843EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2008-5150

Malware in sbrugna...

4.3CVSS6.4AI score0.01022EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2005-2902

Malware in sbrugna...

7.5CVSS6.4AI score0.01346EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-2354

Malware in sbrugna...

9.8CVSS8.1AI score0.02294EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-16667

Malicious code in bioql PyPI...

5.3CVSS6.4AI score0.00284EPSS
Exploits0References3
Rows per page
Query Builder