Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php fusion php fusion 6.00.109 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-4005
SQL injection vulnerability in messages.php in PHP-Fusion 6.00.109 allows remote malicious users to obtain path information and possibly execute arbitrary SQL commands via the srch_text parameter in a Search and Sort option to messages.php.
Php Fusion Php Fusion 6.00.109
1 EDB exploit
NA
CVE-2005-3157
SQL injection vulnerability in messages.php in PHP-Fusion 6.00.109 allows remote malicious users to execute arbitrary SQL commands via the msg_send parameter, a different vulnerability than CVE-2005-3158 and CVE-2005-3159.
Php Fusion Php Fusion 6.00.109
1 EDB exploit
NA
CVE-2005-3160
Multiple SQL injection vulnerabilities in photogallery.php in PHP-Fusion allow remote malicious users to execute arbitrary SQL commands via the (1) album and (2) photo parameters.
Php Fusion Php Fusion 6.00.105
Php Fusion Php Fusion 6.00.106
Php Fusion Php Fusion 6.00.103
Php Fusion Php Fusion 6.00.101
Php Fusion Php Fusion 6.00.107
Php Fusion Php Fusion 6.00.104
Php Fusion Php Fusion 6.00.100
Php Fusion Php Fusion 6.00.108
Php Fusion Php Fusion 6.00.102
Php Fusion Php Fusion 6.00.109
NA
CVE-2005-3161
Multiple SQL injection vulnerabilities in PHP-Fusion prior to 6.00.110 allow remote malicious users to execute arbitrary SQL commands via (1) the activate parameter in register.php and (2) the cat_id parameter in faq.php.
Php Fusion Php Fusion 6.00.105
Php Fusion Php Fusion 6.00.106
Php Fusion Php Fusion 6.00.103
Php Fusion Php Fusion 6.00.101
Php Fusion Php Fusion 6.00.107
Php Fusion Php Fusion 6.00.104
Php Fusion Php Fusion 6.00.100
Php Fusion Php Fusion 6.00.108
Php Fusion Php Fusion 6.00.102
Php Fusion Php Fusion 6.00.109
NA
CVE-2006-2331
Multiple directory traversal vulnerabilities in PHP-Fusion 6.00.306 allow remote malicious users to include and execute arbitrary local files via (1) a .. (dot dot) in the settings[locale] parameter in infusions/last_seen_users_panel/last_seen_users_panel.php, and (2) a .. (dot d...
Php Fusion Php Fusion 6.00.105
Php Fusion Php Fusion 6.00.106
Php Fusion Php Fusion 6.00.107
Php Fusion Php Fusion 6.00.303
Php Fusion Php Fusion 6.00.3
Php Fusion Php Fusion 6.00.306
Php Fusion Php Fusion 6.00.304
Php Fusion Php Fusion 6.00.110
Php Fusion Php Fusion 6.00.109
Php Fusion Php Fusion 6.00.206
Php Fusion Php Fusion 6.00.204
1 EDB exploit
NA
CVE-2006-2330
PHP-Fusion 6.00.306 and previous versions, running under Apache HTTP Server 1.3.27 and PHP 4.3.3, allows remote authenticated users to upload files of arbitrary types using a filename that contains two or more extensions that ends in an assumed-valid extension such as .gif, which...
Php Fusion Php Fusion 6.00.105
Php Fusion Php Fusion 6.00.106
Php Fusion Php Fusion 6.00.107
Php Fusion Php Fusion 6.00.303
Php Fusion Php Fusion 6.00.3
Php Fusion Php Fusion 6.00.306
Php Fusion Php Fusion 6.00.304
Php Fusion Php Fusion 6.00.110
Php Fusion Php Fusion 6.00.109
Php Fusion Php Fusion 6.00.206
Php Fusion Php Fusion 6.00.204
1 EDB exploit
NA
CVE-2006-0593
Cross-site scripting (XSS) vulnerability in PHP-Fusion prior to 6.00.304 allows remote malicious users to inject arbitrary web script or HTML via the (1) shout_name field in shoutbox_panel.php and the (2) comments field in comments_include.php.
Php Fusion Php Fusion 6.00.105
Php Fusion Php Fusion 6.00.106
Php Fusion Php Fusion 6.00.103
Php Fusion Php Fusion 6.00.101
Php Fusion Php Fusion 6.00.107
Php Fusion Php Fusion 6.00.303
Php Fusion Php Fusion 6.00.104
Php Fusion Php Fusion 6.00.100
Php Fusion Php Fusion 6.00.108
Php Fusion Php Fusion 6.00.207
Php Fusion Php Fusion 6.00.200
Php Fusion Php Fusion 6.00.110
Php Fusion Php Fusion 6.00.102
Php Fusion Php Fusion 6.00.205
Php Fusion Php Fusion 6.00.109
Php Fusion Php Fusion 6.00.206
Php Fusion Php Fusion 6.00.204
Php Fusion Php Fusion 6.00.300
NA
CVE-2006-3555
Multiple cross-site scripting (XSS) vulnerabilities in submit.php in PHP-Fusion prior to 6.01.3 allow remote malicious users to inject arbitrary web script or HTML by using edit_profile.php to upload a (1) avatar or (2) forum image attachment that has a .gif or .jpg extension, an...
Php Fusion Php Fusion 6.00.307
Php Fusion Php Fusion 6.0.105
Php Fusion Php Fusion 6.00.105
Php Fusion Php Fusion 6.00.106
Php Fusion Php Fusion 6.00.103
Php Fusion Php Fusion 6.00.101
Php Fusion Php Fusion 6.0.106
Php Fusion Php Fusion 6.00.107
Php Fusion Php Fusion 6.00.303
Php Fusion Php Fusion 6.00.3
Php Fusion Php Fusion 6.00.104
Php Fusion Php Fusion 6.01.2
Php Fusion Php Fusion 6.00.100
Php Fusion Php Fusion 6.00.108
Php Fusion Php Fusion 6.00.207
Php Fusion Php Fusion 6.00.306
Php Fusion Php Fusion 6.00.304
Php Fusion Php Fusion 6.00.200
Php Fusion Php Fusion 6.00.110
Php Fusion Php Fusion 6.0.107
Php Fusion Php Fusion 6.00.102
Php Fusion Php Fusion 6.00.205
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started