Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
glfusion glfusion 1.1.2 vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2009-1283
glFusion prior to 1.1.3 performs authentication with a user-provided password hash instead of a password, which allows remote malicious users to gain privileges by obtaining the hash and using it in the glf_password cookie, aka "User Masquerading." NOTE: this can be lev...
Glfusion Glfusion 1.1.0
Glfusion Glfusion 1.0.0
Glfusion Glfusion 1.0.1
Glfusion Glfusion 1.0.2
Glfusion Glfusion 1.1.1
Glfusion Glfusion
1 EDB exploit
7.5
CVSSv2
CVE-2009-4796
Multiple SQL injection vulnerabilities in the ExecuteQueries function in private/system/classes/listfactory.class.php in glFusion 1.1.2 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) order and (2) direction parameters to search.ph...
Glfusion Glfusion
Glfusion Glfusion 1.1.0
Glfusion Glfusion 1.1.1
Glfusion Glfusion 1.0.0
Glfusion Glfusion 1.0.1
1 EDB exploit
7.5
CVSSv2
CVE-2009-1282
SQL injection vulnerability in private/system/lib-session.php in glFusion 1.1.2 and previous versions allows remote malicious users to execute arbitrary SQL commands via the glf_session cookie parameter.
Glfusion Glfusion 1.0.1
Glfusion Glfusion 1.0.0
Glfusion Glfusion 1.1.1
Glfusion Glfusion 1.1.0
Glfusion Glfusion
1 EDB exploit
4.3
CVSSv2
CVE-2009-1281
Cross-site scripting (XSS) vulnerability in glFusion prior to 1.1.3 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Glfusion Glfusion 1.1.1
Glfusion Glfusion 1.0.0
Glfusion Glfusion 1.0.1
Glfusion Glfusion
Glfusion Glfusion 1.1.0
1 EDB exploit
4.3
CVSSv2
CVE-2013-1466
Multiple cross-site scripting (XSS) vulnerabilities in glFusion prior to 1.2.2.pl4 allow remote malicious users to inject arbitrary web script or HTML via the (1) subject parameter to profiles.php; (2) address1, (3) address2, (4) calendar_type, (5) city, (6) state, (7) title, (8)...
Glfusion Glfusion 1.2.0.pl4
Glfusion Glfusion 1.2.0.pl5
Glfusion Glfusion 1.1.8.pl4
Glfusion Glfusion 1.1.8.pl3
Glfusion Glfusion 1.1.6.pl2
Glfusion Glfusion 1.1.6.pl1
Glfusion Glfusion 1.1.4.pl3
Glfusion Glfusion 1.1.4.pl2
Glfusion Glfusion 1.0.2
Glfusion Glfusion 1.0.1
Glfusion Glfusion 1.2.0
Glfusion Glfusion 1.2.0.pl1
Glfusion Glfusion 1.2.2
Glfusion Glfusion 1.2.2.pl1
Glfusion Glfusion 1.2.2.pl2
Glfusion Glfusion 1.1.8
Glfusion Glfusion 1.1.7
Glfusion Glfusion 1.1.5.pl2
Glfusion Glfusion 1.1.5.pl1
Glfusion Glfusion 1.1.2
Glfusion Glfusion 1.1.1
Glfusion Glfusion 1.0.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started