5 matches found
CVE-2026-25923
my little forum is a PHP and MySQL based internet forum that displays the messages in classical threaded view. Prior to 20260208.1, the application fails to filter the phar:// protocol in URL validation, allowing attackers to upload a malicious Phar Polyglot file disguised as JPEG via the image...
CVE-2026-25923
CVE-2026-25923 affects My Little Forum (PHP/MySQL). Before version 20260208.1, URL validation fails to filter the phar:// protocol, enabling an attacker to upload a malicious Phar Polyglot file (disguised as JPEG) via the image upload feature. The exploit triggers Phar deserialization during BBCo...
CVE-2026-25923 Phar Deserialization leading to Arbitrary File Deletion in my little forum
my little forum is a PHP and MySQL based internet forum that displays the messages in classical threaded view. Prior to 20260208.1, the application fails to filter the phar:// protocol in URL validation, allowing attackers to upload a malicious Phar Polyglot file disguised as JPEG via the image...
CVE-2026-25923 Phar Deserialization leading to Arbitrary File Deletion in my little forum
my little forum is a PHP and MySQL based internet forum that displays the messages in classical threaded view. Prior to 20260208.1, the application fails to filter the phar:// protocol in URL validation, allowing attackers to upload a malicious Phar Polyglot file disguised as JPEG via the image...
(WSS-Advisories-02003) PHPBB BBcode Process Vulnerability
WSS-Advisories-02003 PHPBB BBcode Process Vulnerability Release infomation ------------------ Release Date: 2001-4-4 Author: By Whitecell Security SystemsWSS tombkeeper [email protected] alert7 [email protected] Homepage: http://www.whitecell.org/ Impact: -------- WSS has found a...