Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

php fusion php fusion 6.00.107 vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2005-3158
SQL injection vulnerability in messages.php in PHP-Fusion 6.00.106 and 6.00.107 allows remote malicious users to execute arbitrary SQL commands via the (1) pm_email_notify and (2) pm_save_sent parameters, a different vulnerability than CVE-2005-3157 and CVE-2005-3159.
Php Fusion Php Fusion 6.00.106Php Fusion Php Fusion 6.00.107
NA
CVE-2005-3160
Multiple SQL injection vulnerabilities in photogallery.php in PHP-Fusion allow remote malicious users to execute arbitrary SQL commands via the (1) album and (2) photo parameters.
Php Fusion Php Fusion 6.00.106Php Fusion Php Fusion 6.00.107Php Fusion Php Fusion 6.00.108Php Fusion Php Fusion 6.00.109Php Fusion Php Fusion 6.00.102Php Fusion Php Fusion 6.00.104Php Fusion Php Fusion 6.00.100Php Fusion Php Fusion 6.00.101Php Fusion Php Fusion 6.00.103Php Fusion Php Fusion 6.00.105
NA
CVE-2005-3161
Multiple SQL injection vulnerabilities in PHP-Fusion prior to 6.00.110 allow remote malicious users to execute arbitrary SQL commands via (1) the activate parameter in register.php and (2) the cat_id parameter in faq.php.
Php Fusion Php Fusion 6.00.105Php Fusion Php Fusion 6.00.106Php Fusion Php Fusion 6.00.100Php Fusion Php Fusion 6.00.107Php Fusion Php Fusion 6.00.108Php Fusion Php Fusion 6.00.101Php Fusion Php Fusion 6.00.102Php Fusion Php Fusion 6.00.109Php Fusion Php Fusion 6.00.103Php Fusion Php Fusion 6.00.104
NA
CVE-2006-2330
PHP-Fusion 6.00.306 and previous versions, running under Apache HTTP Server 1.3.27 and PHP 4.3.3, allows remote authenticated users to upload files of arbitrary types using a filename that contains two or more extensions that ends in an assumed-valid extension such as .gif, which...
Php Fusion Php Fusion 6.00.110Php Fusion Php Fusion 6.00.204Php Fusion Php Fusion 6.00.107Php Fusion Php Fusion 6.00.109Php Fusion Php Fusion 6.00.206Php Fusion Php Fusion 6.00.3Php Fusion Php Fusion 6.00.303Php Fusion Php Fusion 6.00.105Php Fusion Php Fusion 6.00.106Php Fusion Php Fusion 6.00.304Php Fusion Php Fusion 6.00.306
NA
CVE-2006-2331
Multiple directory traversal vulnerabilities in PHP-Fusion 6.00.306 allow remote malicious users to include and execute arbitrary local files via (1) a .. (dot dot) in the settings[locale] parameter in infusions/last_seen_users_panel/last_seen_users_panel.php, and (2) a .. (dot d...
Php Fusion Php Fusion 6.00.106Php Fusion Php Fusion 6.00.107Php Fusion Php Fusion 6.00.304Php Fusion Php Fusion 6.00.306Php Fusion Php Fusion 6.00.105Php Fusion Php Fusion 6.00.3Php Fusion Php Fusion 6.00.303Php Fusion Php Fusion 6.00.109Php Fusion Php Fusion 6.00.110Php Fusion Php Fusion 6.00.204Php Fusion Php Fusion 6.00.206
NA
CVE-2006-0593
Cross-site scripting (XSS) vulnerability in PHP-Fusion prior to 6.00.304 allows remote malicious users to inject arbitrary web script or HTML via the (1) shout_name field in shoutbox_panel.php and the (2) comments field in comments_include.php.
Php Fusion Php Fusion 6.00.103Php Fusion Php Fusion 6.00.104Php Fusion Php Fusion 6.00.204Php Fusion Php Fusion 6.00.205Php Fusion Php Fusion 6.00.105Php Fusion Php Fusion 6.00.106Php Fusion Php Fusion 6.00.206Php Fusion Php Fusion 6.00.207Php Fusion Php Fusion 6.00.101Php Fusion Php Fusion 6.00.102Php Fusion Php Fusion 6.00.109Php Fusion Php Fusion 6.00.110Php Fusion Php Fusion 6.00.200Php Fusion Php Fusion 6.00.100Php Fusion Php Fusion 6.00.107Php Fusion Php Fusion 6.00.108Php Fusion Php Fusion 6.00.300Php Fusion Php Fusion 6.00.303
NA
CVE-2006-3555
Multiple cross-site scripting (XSS) vulnerabilities in submit.php in PHP-Fusion prior to 6.01.3 allow remote malicious users to inject arbitrary web script or HTML by using edit_profile.php to upload a (1) avatar or (2) forum image attachment that has a .gif or .jpg extension, an...
Php Fusion Php Fusion 6.00.102Php Fusion Php Fusion 6.00.103Php Fusion Php Fusion 6.00.110Php Fusion Php Fusion 6.00.200Php Fusion Php Fusion 6.00.304Php Fusion Php Fusion 6.00.306Php Fusion Php Fusion 6.0.105Php Fusion Php Fusion 6.00.104Php Fusion Php Fusion 6.00.105Php Fusion Php Fusion 6.00.204Php Fusion Php Fusion 6.00.205Php Fusion Php Fusion 6.00.307Php Fusion Php Fusion 6.01.2Php Fusion Php Fusion 6.0.106Php Fusion Php Fusion 6.0.107Php Fusion Php Fusion 6.00.106Php Fusion Php Fusion 6.00.107Php Fusion Php Fusion 6.00.206Php Fusion Php Fusion 6.00.207Php Fusion Php Fusion 6.00.100Php Fusion Php Fusion 6.00.101Php Fusion Php Fusion 6.00.108
NA
CVE-2005-2783
Cross-site scripting (XSS) vulnerability in PHP-Fusion 6.00.107 and previous versions allows remote malicious users to inject arbitrary web script or HTML via nested, malformed URL BBCode tags.
Php Fusion Php Fusion 6.0.105Php Fusion Php Fusion 6.0.106Php Fusion Php Fusion 6.0.107Php Fusion Php Fusion 4.00Php Fusion Php Fusion 4.01Php Fusion Php Fusion 5.0Php Fusion Php Fusion 5.01 Service Pack
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionfirmwareCVE-2006-4304CVE-2024-32878CVE-2024-31502XSSCVE-2024-3059CVE-2024-33692CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook