Mylittleforum My_little_forum
9 CVEs affecting Mylittleforum My_little_forum. Latest disclosed: 2026-02-09. Critical: 1, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-25923 | Critical | 9.1 | 2026-02-09 | my little forum is a PHP and MySQL based internet forum that displays the messages in classical threaded view. Prior to 20260208.1, the application fails to fi… |
CVE-2019-12253 | Medium | 6.5 | 2019-05-21 | my little forum before 2.4.20 allows CSRF to delete posts, as demonstrated by mode=posting&delete_posting. |
CVE-2018-15569 | Medium | 6.5 | 2018-08-20 | my little forum 2.4.12 allows CSRF for deletion of users. |
CVE-2018-14937 | Medium | 4.8 | 2018-08-05 | The Add page option in my little forum 2.4.12 allows XSS via the Menu Link field. |
CVE-2018-14936 | Medium | 4.8 | 2018-08-05 | The Add page option in my little forum 2.4.12 allows XSS via the Title field. |
CVE-2015-1435 | | 2015-02-16 | Cross-site scripting (XSS) vulnerability in my little forum before 2.3.4 allows remote attackers to inject arbitrary web script or HTML via the back parameter… | |
CVE-2015-1434 | | 2015-02-16 | Multiple SQL injection vulnerabilities in my little forum before 2.3.4 allow remote administrators to execute arbitrary SQL commands via the (1) letter paramet… | |
CVE-2015-1475 | | 2015-02-04 | Multiple cross-site scripting (XSS) vulnerabilities in my little forum 2.3.3, 2.2, and 1.7 allow remote attackers to inject arbitrary web script or HTML via th… | |
CVE-2010-2133 | | 2010-06-02 | SQL injection vulnerability in contact.php in My Little Forum allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vecto… |