My-Little-Forum Mylittleforum vulnerabilities
2 known vulnerabilities affecting my-little-forum/mylittleforum.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2025-62606P3HIGHCVSS 8.8fixed in 2.5.122025-10-22
CVE-2025-62606 [HIGH] CWE-89 CVE-2025-62606: my little forum is a PHP and MySQL based internet forum that displays the messages in classical thre
my little forum is a PHP and MySQL based internet forum that displays the messages in classical threaded view. Prior to version 2.5.12, an authenticated SQL injection vulnerability in the bookmark reordering feature allows any logged-in user to execute arbitrary SQL commands. This can lead to a full compromise of the application's database, including r
nvd
CVE-2026-25923P3CRITICALCVSS 9.1fixed in 20260208.12026-02-09
CVE-2026-25923 [CRITICAL] CWE-434 CVE-2026-25923: my little forum is a PHP and MySQL based internet forum that displays the messages in classical thre
my little forum is a PHP and MySQL based internet forum that displays the messages in classical threaded view. Prior to 20260208.1, the application fails to filter the phar:// protocol in URL validation, allowing attackers to upload a malicious Phar Polyglot file (disguised as JPEG) via the image upload feature, trigger Phar deserialization throug
nvd