My Little Forum@* Security Vulnerabilities and Issues — My Little Forum@* CVE List

Lucene search

MylittleforumMy Little Forum*

3 matches found

CVE•added 2015/02/16 3:59 p.m.•40 views

CVE-2015-1434

Multiple SQL injection vulnerabilities in my little forum before 2.3.4 allow remote administrators to execute arbitrary SQL commands via the (1) letter parameter in a user action or (2) edit_category parameter to index.php.

6.5CVSS8.5AI score0.00437EPSS

CVE•added 2015/02/16 3:59 p.m.•39 views

CVE-2015-1435

Cross-site scripting (XSS) vulnerability in my little forum before 2.3.4 allows remote attackers to inject arbitrary web script or HTML via the back parameter to index.php.

4.3CVSS5.7AI score0.00886EPSS

CVE•added 2019/05/21 5:29 p.m.•35 views

CVE-2019-12253

my little forum before 2.4.20 allows CSRF to delete posts, as demonstrated by mode=posting&delete_posting.

6.5CVSS6.4AI score0.00117EPSS