5 matches found
CVE-2026-25923
my little forum is a PHP and MySQL based internet forum that displays the messages in classical threaded view. Prior to 20260208.1, the application fails to filter the phar:// protocol in URL validation, allowing attackers to upload a malicious Phar Polyglot file disguised as JPEG via the image...
CVE-2026-25923
The CVE describes a vulnerability in My Little Forum (PHP/MySQL) where the URL validation fails to filter the phar:// protocol before 20260208.1. This allows an attacker to upload a malicious Phar Polyglot disguised as a JPEG, trigger Phar deserialization via BBCode [img] processing, and leverage...
CVE-2026-25923 Phar Deserialization leading to Arbitrary File Deletion in my little forum
my little forum is a PHP and MySQL based internet forum that displays the messages in classical threaded view. Prior to 20260208.1, the application fails to filter the phar:// protocol in URL validation, allowing attackers to upload a malicious Phar Polyglot file disguised as JPEG via the image...
CVE-2026-25923 Phar Deserialization leading to Arbitrary File Deletion in my little forum
my little forum is a PHP and MySQL based internet forum that displays the messages in classical threaded view. Prior to 20260208.1, the application fails to filter the phar:// protocol in URL validation, allowing attackers to upload a malicious Phar Polyglot file disguised as JPEG via the image...
(WSS-Advisories-02003) PHPBB BBcode Process Vulnerability
WSS-Advisories-02003 PHPBB BBcode Process Vulnerability Release infomation ------------------ Release Date: 2001-4-4 Author: By Whitecell Security SystemsWSS tombkeeper [email protected] alert7 [email protected] Homepage: http://www.whitecell.org/ Impact: -------- WSS has found a...