CVE-2026-42682

Missing Authorization vulnerability in Tomdever wpForo Forum allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects wpForo Forum: from n/a through 3.0.6...

vBulletin 代码注入漏洞

vBulletin is an open-source web forum software based on PHP and MySQL developed by vBulletin Inc. Version vBulletin 6.x has a code injection vulnerability, which stems from improper operation of the Login component and may lead to cross-site scripting attacks...

xss-lab

xss-lab Simple xss...

CVE-2026-5985 code-projects Simple IT Discussion Forum crud.php sql injection

A security flaw has been discovered in code-projects Simple IT Discussion Forum 1.0. The affected element is an unknown function of the file /crud.php. The manipulation of the argument userId results in sql injection. The attack may be performed from remote. The exploit has been released to the...

phpBB 路径遍历漏洞

phpBB is an open-source web forum software based on the PHP language. This software supports multiple languages, various databases, and custom layout designs. phpBB has a path traversal vulnerability, which stems from an arbitrary file upload vulnerability. This vulnerability could allow verified...

CVE-2026-25923

my little forum is a PHP and MySQL based internet forum that displays the messages in classical threaded view. Prior to 20260208.1, the application fails to filter the phar:// protocol in URL validation, allowing attackers to upload a malicious Phar Polyglot file disguised as JPEG via the image...

my little forum 代码问题漏洞

My Little Forum is an open-source online forum system based on PHP and MySQL. Versions prior to 20260208.1 had code vulnerabilities; these vulnerabilities stemmed from URL validation not filtering the phar protocol, which could lead to arbitrary file deletion...

CVE-2025-62606

my little forum is a PHP and MySQL based internet forum that displays the messages in classical threaded view. Prior to version 2.5.12, an authenticated SQL injection vulnerability in the bookmark reordering feature allows any logged-in user to execute arbitrary SQL commands. This can lead to a...

EUVD-2011-4115

Malware in sbrugna...

EUVD-2004-2169

Malware in sbrugna...

EUVD-2006-0073

Malware in sbrugna...

EUVD-2011-3346

Malware in sbrugna...

EUVD-2011-3936

Malware in sbrugna...

EUVD-2004-2170

Malware in sbrugna...

EUVD-2011-3937

Malware in sbrugna...

EUVD-2002-2033

Malware in sbrugna...

EUVD-2006-5582

Malware in sbrugna...

Simple forum signin.php file SQL injection vulnerability

Simple forum is a simple forum. Simple forum suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter User in the file /signin.php. An attacker can exploit this vulnerability to execute illegal SQL commands to ste...

MyBB 路径遍历漏洞

MyBB MyBulletinBoard is a free and Web-based forum software developed by MyBB team using PHP and MySQL. The software is easy to use, supports multiple languages, and is extensible. A path traversal vulnerability exists in versions of MyBB prior to 1.8.39, which stems from an upgrade component tha...

CVE-2011-3383

Cross-site scripting XSS vulnerability in KENT-WEB WEB FORUM 5.1 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors related to "the web page to be output."...