4 matches found
Multiple Vulnerabilities in my little forum
Advisory ID: HTB23248 Product: my little forum Vendor: http://mylittleforum.net/ Vulnerable Versions: 2.3.3 and probably prior Tested Version: 2.3.3 Advisory Publication: January 14, 2015 without technical details Vendor Notification: January 14, 2015 Vendor Patch: February 8, 2015 Public...
CVE-2015-1435
CVE-2015-1435 is a cross-site scripting (XSS) vulnerability in my little forum prior to version 2.3.4. The flaw arises because the back parameter in index.php is not properly sanitized before reflecting content back to the user, enabling an attacker to inject arbitrary HTML/JavaScript into the br...
CVE-2015-1435
Cross-site scripting XSS vulnerability in my little forum before 2.3.4 allows remote attackers to inject arbitrary web script or HTML via the back parameter to index.php...
My Little Forum 2.3.3 Cross Site Scripting / SQL Injection Vulnerabilities
My Little Forum version 2.3.3 suffers from cross site scripting and remote SQL injection vulnerabilities. Product: my little forum Vendor: http://mylittleforum.net/ Vulnerable Versions: 2.3.3 and probably prior Tested Version: 2.3.3 Advisory Publication: January 14, 2015 without technical details...