Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fusion vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-1803
Multiple SQL injection vulnerabilities in PHP-Fusion prior to 7.02.06 allow remote malicious users to execute arbitrary SQL commands via the (1) orderby parameter to downloads.php; or remote authenticated users with certain permissions to execute arbitrary SQL commands via a (2) ...
Php-fusion Php-fusion
Php-fusion Php-fusion 7.02.01
Php-fusion Php-fusion 7.02.04
Php-fusion Php-fusion 7.02.03
Php-fusion Php-fusion 7.02.02
1 EDB exploit
NA
CVE-2013-1807
PHP-Fusion prior to 7.02.06 stores backup files with predictable filenames in an unrestricted directory under the web document root, which might allow remote malicious users to obtain sensitive information via a direct request to the backup file in administration/db_backups/.
Php-fusion Php-fusion
Php-fusion Php-fusion 7.02.02
Php-fusion Php-fusion 7.02.01
Php-fusion Php-fusion 7.02.04
Php-fusion Php-fusion 7.02.03
1 EDB exploit
NA
CVE-2013-1804
Multiple cross-site scripting (XSS) vulnerabilities in PHP-Fusion prior to 7.02.06 allow remote malicious users to inject arbitrary web script or HTML via the (1) highlight parameter to forum/viewthread.php; or remote authenticated users with certain permissions to inject arbitra...
Php-fusion Php-fusion 7.02.04
Php-fusion Php-fusion 7.02.02
Php-fusion Php-fusion
Php-fusion Php-fusion 7.02.01
Php-fusion Php-fusion 7.02.03
1 EDB exploit
NA
CVE-2013-1806
Multiple directory traversal vulnerabilities in PHP-Fusion prior to 7.02.06 allow remote authenticated users to include and execute arbitrary files via a .. (dot dot) in the (1) user_theme parameter to maincore.php; or remote authenticated administrators to delete arbitrary files...
Php-fusion Php-fusion
Php-fusion Php-fusion 7.02.03
Php-fusion Php-fusion 7.02.02
Php-fusion Php-fusion 7.02.04
Php-fusion Php-fusion 7.02.01
1 EDB exploit
NA
CVE-2013-7375
SQL injection vulnerability in includes/classes/Authenticate.class.php in PHP-Fusion 7.02.01 up to and including 7.02.05 allows remote malicious users to execute arbitrary SQL commands via the user ID in a user cookie, a different vulnerability than CVE-2013-1803.
Php-fusion Php-fusion 7.02.02
Php-fusion Php-fusion 7.02.03
Php-fusion Php-fusion 7.02.01
Php-fusion Php-fusion 7.02.04
Php-fusion Php-fusion 7.02.05
1 EDB exploit
NA
CVE-2005-4517
SQL injection vulnerability in PHP-Fusion 6.00.200 up to and including 6.00.300 allows remote malicious users to execute arbitrary SQL commands via the ratings parameter in multiple scripts, such as ratings_include.php.
Php Fusion Php Fusion 6.00.200
Php Fusion Php Fusion 6.00.206
Php Fusion Php Fusion 6.00.207
Php Fusion Php Fusion 6.00.300
1 EDB exploit
NA
CVE-2009-3281
The vmx86 kernel extension in VMware Fusion prior to 2.0.6 build 196839 does not use correct file permissions, which allows host OS users to gain privileges on the host OS via unspecified vectors.
Vmware Fusion 1.1.2
Vmware Fusion 1.1.1
Vmware Fusion 1.1
Vmware Fusion 1.0
Vmware Fusion 2.0.3
Vmware Fusion 2.0.1
Vmware Fusion 1.1.3
Vmware Fusion 2.0.4
Vmware Fusion
Vmware Fusion 2.0.2
Vmware Fusion 2.0
1 EDB exploit
NA
CVE-2009-3282
Integer overflow in the vmx86 kernel extension in VMware Fusion prior to 2.0.6 build 196839 allows host OS users to cause a denial of service to the host OS via unspecified vectors.
Vmware Fusion 2.0
Vmware Fusion 1.1.3
Vmware Fusion 1.1.2
Vmware Fusion 1.1.1
Vmware Fusion
Vmware Fusion 2.0.2
Vmware Fusion 1.0
Vmware Fusion 2.0.4
Vmware Fusion 2.0.3
Vmware Fusion 2.0.1
Vmware Fusion 1.1
NA
CVE-2012-1677
Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware allows remote malicious users to affect integrity via unknown vectors.
Oracle Fusion Middleware 10.1
Oracle Fusion Middleware 10.1.3.3.2
Oracle Fusion Middleware 10.1.2.3
Oracle Fusion Middleware 10.1.3.4.2
Oracle Fusion Middleware 28.2.3
Oracle Fusion Middleware 6.0
Oracle Fusion Middleware 6.1
Oracle Fusion Middleware 10.1.3.5.1
Oracle Fusion Middleware 7.0.2
Oracle Fusion Middleware 7.0
Oracle Fusion Middleware 11.1.1.5.0
Oracle Fusion Middleware 10.1.3.4.1
Oracle Fusion Middleware 10.3.3
Oracle Fusion Middleware 11.1.1
Oracle Fusion Middleware 11.1.1.3.0
Oracle Fusion Middleware 7.6.1
Oracle Fusion Middleware 7.5
Oracle Fusion Middleware 28.2.4
Oracle Fusion Middleware 27.7.3
Oracle Fusion Middleware 27.7.2
Oracle Fusion Middleware 7.5.2
Oracle Fusion Middleware 11.1.1.2.0
NA
CVE-2012-1695
Unspecified vulnerability in the Oracle JRockit component in Oracle Fusion Middleware 28.2.2 and previous versions, and JDK/JRE 5 and 6 27.7.1 and previous versions, allows remote malicious users to affect confidentiality, integrity, and availability via unknown vectors.
Oracle Fusion Middleware 11.1
Oracle Fusion Middleware 11.1.1
Oracle Fusion Middleware 10.1.3.4.1
Oracle Fusion Middleware 10.1.3.3.2
Oracle Fusion Middleware 10.1.3.5
Oracle Fusion Middleware 11.1.1.2.0
Oracle Fusion Middleware
Oracle Fusion Middleware 11.1.1.4.0
Oracle Fusion Middleware 8.3.5.0
Oracle Fusion Middleware 11.1.1.3.0
Oracle Fusion Middleware 10.3.5
Oracle Fusion Middleware 10.1.2.3
Oracle Fusion Middleware 7.5.2
Oracle Fusion Middleware 10.0.2
Oracle Fusion Middleware 10.3.3
Oracle Fusion Middleware 10.1.4.3
Oracle Fusion Middleware 11.1.1.1.0
Oracle Fusion Middleware 10.1
Oracle Fusion Middleware 9.2.4
Oracle Fusion Middleware 8.3.2.0
Oracle Fusion Middleware 11.1.1.5.0
Oracle Fusion Middleware 10.3.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304
CVE-2024-4240
arbitrary
CVE-2024-31601
XSS
CVE-2023-20198
CVE-2024-4256
CVE-2024-3342
encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »