Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php fusion php fusion 6.00.107 vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2005-3158
SQL injection vulnerability in messages.php in PHP-Fusion 6.00.106 and 6.00.107 allows remote malicious users to execute arbitrary SQL commands via the (1) pm_email_notify and (2) pm_save_sent parameters, a different vulnerability than CVE-2005-3157 and CVE-2005-3159.
Php Fusion Php Fusion 6.00.106
Php Fusion Php Fusion 6.00.107
668
VMScore
CVE-2005-3160
Multiple SQL injection vulnerabilities in photogallery.php in PHP-Fusion allow remote malicious users to execute arbitrary SQL commands via the (1) album and (2) photo parameters.
Php Fusion Php Fusion 6.00.106
Php Fusion Php Fusion 6.00.107
Php Fusion Php Fusion 6.00.108
Php Fusion Php Fusion 6.00.109
Php Fusion Php Fusion 6.00.102
Php Fusion Php Fusion 6.00.104
Php Fusion Php Fusion 6.00.100
Php Fusion Php Fusion 6.00.101
Php Fusion Php Fusion 6.00.103
Php Fusion Php Fusion 6.00.105
668
VMScore
CVE-2005-3161
Multiple SQL injection vulnerabilities in PHP-Fusion prior to 6.00.110 allow remote malicious users to execute arbitrary SQL commands via (1) the activate parameter in register.php and (2) the cat_id parameter in faq.php.
Php Fusion Php Fusion 6.00.105
Php Fusion Php Fusion 6.00.106
Php Fusion Php Fusion 6.00.100
Php Fusion Php Fusion 6.00.107
Php Fusion Php Fusion 6.00.108
Php Fusion Php Fusion 6.00.101
Php Fusion Php Fusion 6.00.102
Php Fusion Php Fusion 6.00.109
Php Fusion Php Fusion 6.00.103
Php Fusion Php Fusion 6.00.104
645
VMScore
CVE-2006-2330
PHP-Fusion 6.00.306 and previous versions, running under Apache HTTP Server 1.3.27 and PHP 4.3.3, allows remote authenticated users to upload files of arbitrary types using a filename that contains two or more extensions that ends in an assumed-valid extension such as .gif, which...
Php Fusion Php Fusion 6.00.110
Php Fusion Php Fusion 6.00.204
Php Fusion Php Fusion 6.00.107
Php Fusion Php Fusion 6.00.109
Php Fusion Php Fusion 6.00.206
Php Fusion Php Fusion 6.00.3
Php Fusion Php Fusion 6.00.303
Php Fusion Php Fusion 6.00.105
Php Fusion Php Fusion 6.00.106
Php Fusion Php Fusion 6.00.304
Php Fusion Php Fusion 6.00.306
1 EDB exploit
645
VMScore
CVE-2006-2331
Multiple directory traversal vulnerabilities in PHP-Fusion 6.00.306 allow remote malicious users to include and execute arbitrary local files via (1) a .. (dot dot) in the settings[locale] parameter in infusions/last_seen_users_panel/last_seen_users_panel.php, and (2) a .. (dot d...
Php Fusion Php Fusion 6.00.106
Php Fusion Php Fusion 6.00.107
Php Fusion Php Fusion 6.00.304
Php Fusion Php Fusion 6.00.306
Php Fusion Php Fusion 6.00.105
Php Fusion Php Fusion 6.00.3
Php Fusion Php Fusion 6.00.303
Php Fusion Php Fusion 6.00.109
Php Fusion Php Fusion 6.00.110
Php Fusion Php Fusion 6.00.204
Php Fusion Php Fusion 6.00.206
1 EDB exploit
516
VMScore
CVE-2006-3555
Multiple cross-site scripting (XSS) vulnerabilities in submit.php in PHP-Fusion prior to 6.01.3 allow remote malicious users to inject arbitrary web script or HTML by using edit_profile.php to upload a (1) avatar or (2) forum image attachment that has a .gif or .jpg extension, an...
Php Fusion Php Fusion 6.00.102
Php Fusion Php Fusion 6.00.103
Php Fusion Php Fusion 6.00.110
Php Fusion Php Fusion 6.00.200
Php Fusion Php Fusion 6.00.304
Php Fusion Php Fusion 6.00.306
Php Fusion Php Fusion 6.0.105
Php Fusion Php Fusion 6.00.104
Php Fusion Php Fusion 6.00.105
Php Fusion Php Fusion 6.00.204
Php Fusion Php Fusion 6.00.205
Php Fusion Php Fusion 6.00.307
Php Fusion Php Fusion 6.01.2
Php Fusion Php Fusion 6.0.106
Php Fusion Php Fusion 6.0.107
Php Fusion Php Fusion 6.00.106
Php Fusion Php Fusion 6.00.107
Php Fusion Php Fusion 6.00.206
Php Fusion Php Fusion 6.00.207
Php Fusion Php Fusion 6.00.100
Php Fusion Php Fusion 6.00.101
Php Fusion Php Fusion 6.00.108
435
VMScore
CVE-2005-2783
Cross-site scripting (XSS) vulnerability in PHP-Fusion 6.00.107 and previous versions allows remote malicious users to inject arbitrary web script or HTML via nested, malformed URL BBCode tags.
Php Fusion Php Fusion 6.0.105
Php Fusion Php Fusion 6.0.106
Php Fusion Php Fusion 6.0.107
Php Fusion Php Fusion 4.00
Php Fusion Php Fusion 4.01
Php Fusion Php Fusion 5.0
Php Fusion Php Fusion 5.01 Service Pack
1 EDB exploit
383
VMScore
CVE-2006-0593
Cross-site scripting (XSS) vulnerability in PHP-Fusion prior to 6.00.304 allows remote malicious users to inject arbitrary web script or HTML via the (1) shout_name field in shoutbox_panel.php and the (2) comments field in comments_include.php.
Php Fusion Php Fusion 6.00.103
Php Fusion Php Fusion 6.00.104
Php Fusion Php Fusion 6.00.204
Php Fusion Php Fusion 6.00.205
Php Fusion Php Fusion 6.00.105
Php Fusion Php Fusion 6.00.106
Php Fusion Php Fusion 6.00.206
Php Fusion Php Fusion 6.00.207
Php Fusion Php Fusion 6.00.101
Php Fusion Php Fusion 6.00.102
Php Fusion Php Fusion 6.00.109
Php Fusion Php Fusion 6.00.110
Php Fusion Php Fusion 6.00.200
Php Fusion Php Fusion 6.00.100
Php Fusion Php Fusion 6.00.107
Php Fusion Php Fusion 6.00.108
Php Fusion Php Fusion 6.00.300
Php Fusion Php Fusion 6.00.303
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started