Mylittleforum » My Little Forum : Security Vulnerabilities, CVEs, CVSS score >= 6
my little forum before 2.4.20 allows CSRF to delete posts, as demonstrated by mode=posting&delete_posting.
Max CVSS
6.5
EPSS Score
0.07%
Published
2019-05-21
Updated
2019-05-21
my little forum 2.4.12 allows CSRF for deletion of users.
Max CVSS
6.5
EPSS Score
0.05%
Published
2018-08-20
Updated
2018-10-12
Multiple SQL injection vulnerabilities in my little forum before 2.3.4 allow remote administrators to execute arbitrary SQL commands via the (1) letter parameter in a user action or (2) edit_category parameter to index.php.
Max CVSS
6.5
EPSS Score
1.56%
Published
2015-02-16
Updated
2019-03-13
SQL injection vulnerability in contact.php in My Little Forum allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2007-2942.
Max CVSS
7.5
EPSS Score
0.06%
Published
2010-06-02
Updated
2017-08-17
4 vulnerabilities found