Vulnerabilities (CVE)

Filtered by vendor Mylittleforum Subscribe

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 4 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2019-12253	1 Mylittleforum	1 My Little Forum	2019-05-21	5.8 MEDIUM	6.5 MEDIUM
my little forum before 2.4.20 allows CSRF to delete posts, as demonstrated by mode=posting&delete_posting.
CVE-2018-15569	1 Mylittleforum	1 My Little Forum	2018-10-12	4.3 MEDIUM	6.5 MEDIUM
my little forum 2.4.12 allows CSRF for deletion of users.
CVE-2018-14936	1 Mylittleforum	1 My Little Forum	2018-09-27	3.5 LOW	4.8 MEDIUM
The Add page option in my little forum 2.4.12 allows XSS via the Title field.
CVE-2018-14937	1 Mylittleforum	1 My Little Forum	2018-09-27	3.5 LOW	4.8 MEDIUM
The Add page option in my little forum 2.4.12 allows XSS via the Menu Link field.