CVE-2026-25923

my little forum is a PHP and MySQL based internet forum that displays the messages in classical threaded view. Prior to 20260208.1, the application fails to filter the phar:// protocol in URL validation, allowing attackers to upload a malicious Phar Polyglot file disguised as JPEG via the image...

CVE-2026-25923

CVE-2026-25923 affects My Little Forum (PHP/MySQL). Before version 20260208.1, URL validation fails to filter the phar:// protocol, enabling an attacker to upload a malicious Phar Polyglot file (disguised as JPEG) via the image upload feature. The exploit triggers Phar deserialization during BBCo...

PT-2026-7178

my little forum is a PHP and MySQL based internet forum that displays the messages in classical threaded view. Prior to 20260208.1, the application fails to filter the phar:// protocol in URL validation, allowing attackers to upload a malicious Phar Polyglot file disguised as JPEG via the image...

EUVD-2006-6021

Malware in sbrugna...

EUVD-2006-1898

Malware in sbrugna...

EUVD-2006-7070

Malware in sbrugna...

EUVD-2009-3185

Malware in sbrugna...

EUVD-2007-2177

Malware in sbrugna...

CVE-2025-10604

A vulnerability was identified in PHPGurukul Online Discussion Forum 1.0. This affects an unknown part of the file /admin/editmember.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be used...

CVE-2023-41538

phpjabbers PHP Forum Script 3.0 is vulnerable to Cross Site Scripting XSS via the keyword parameter...

CVE-2023-41538

phpjabbers PHP Forum Script 3.0 is vulnerable to Cross Site Scripting XSS via the keyword parameter...

CVE-2023-41538

phpjabbers PHP Forum Script 3.0 is vulnerable to Cross Site Scripting XSS via the keyword parameter...

Cross site scripting

phpjabbers PHP Forum Script 3.0 is vulnerable to Cross Site Scripting XSS via the keyword parameter...

CVE-2023-41538

phpjabbers PHP Forum Script 3.0 is vulnerable to Cross Site Scripting XSS via the keyword parameter...

CVE-2023-41538

PHPJabbers PHP Forum Script 3.0 is affected by a Cross-Site Scripting (XSS) vulnerability via the keyword parameter. Unauthenticated attackers can inject malicious JavaScript through the keyword parameter, potentially stealing forum administrator session cookies and accessing sensitive discussion...

PT-2023-27965 · Phpjabbers · Phpjabbers Php Forum Script

Name of the Vulnerable Software and Affected Versions: phpjabbers PHP Forum Script version 3.0 Description: The issue concerns a Cross Site Scripting XSS flaw via the keyword parameter. This allows for potential malicious script injection, affecting the security of the application. Recommendation...

HadSky 代码问题漏洞

HadSky is an original open source php light forum system from China's HadSky company. A security vulnerability exists in HadSky version 7.7.16, which stems from the presence of unrestricted uploads...

PunBB Cross-Site Scripting Vulnerability (CNVD-2021-22158)

PunBB is a lightweight PHP-based forum system distributed under the GNU General Public License. A cross-site scripting vulnerability exists in the email BBcode tag in versions of PunBB prior to 1.4.6. An attacker can exploit this vulnerability to inject arbitrary JavaScript into any forum message...

PHP Forum Script v3.0 - SQL Injection

PHP Forum Script v3. 0 - SQL Injection PHP Forum Script v3. 0, the presence of the parameter filter is not strict, leading to a sql injection vulnerability, if the other server is turned on the error display, can directly use, if you turn off the error display, you can use the time-based and...

PHP Forum Script 3.0 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: PHP Forum Script v3.0 - SQL Injection Google Dork: N/A Date: 11.03.2017 Vendor Homepage: https://www.phpjabbers.com/ Software: https://www.phpjabbers.com/php-forum-script/ Demo:...