Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php-fusion php-fusion - vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2007-1845
SQL injection vulnerability in show_event.php in the Expanded Calendar (calendar_panel) 2.00 module for PHP-Fusion allows remote malicious users to execute arbitrary SQL commands via the m_month parameter.
Php Fusion Expanded Calendar Module 2.0
1 EDB exploit
7.5
CVSSv2
CVE-2005-4517
SQL injection vulnerability in PHP-Fusion 6.00.200 up to and including 6.00.300 allows remote malicious users to execute arbitrary SQL commands via the ratings parameter in multiple scripts, such as ratings_include.php.
Php Fusion Php Fusion 6.00.200
Php Fusion Php Fusion 6.00.206
Php Fusion Php Fusion 6.00.207
Php Fusion Php Fusion 6.00.300
1 EDB exploit
7.5
CVSSv2
CVE-2005-4005
SQL injection vulnerability in messages.php in PHP-Fusion 6.00.109 allows remote malicious users to obtain path information and possibly execute arbitrary SQL commands via the srch_text parameter in a Search and Sort option to messages.php.
Php Fusion Php Fusion 6.00.109
1 EDB exploit
7.5
CVSSv2
CVE-2005-3740
Multiple SQL injection vulnerabilities in PHP-Fusion 6.00.206 and previous versions allow remote malicious users to execute arbitrary SQL commands via (1) the forum_id parameter to options.php or (2) lastvisited parameter to viewforum.php.
Php Fusion Php Fusion
7.5
CVSSv2
CVE-2005-3158
SQL injection vulnerability in messages.php in PHP-Fusion 6.00.106 and 6.00.107 allows remote malicious users to execute arbitrary SQL commands via the (1) pm_email_notify and (2) pm_save_sent parameters, a different vulnerability than CVE-2005-3157 and CVE-2005-3159.
Php Fusion Php Fusion 6.00.106
Php Fusion Php Fusion 6.00.107
7.5
CVSSv2
CVE-2005-3159
SQL injection vulnerability in messages.php in PHP-Fusion allows remote malicious users to execute arbitrary SQL commands via the msg_view parameter, a different vulnerability than CVE-2005-3157 and CVE-2005-3158.
1 EDB exploit
7.5
CVSSv2
CVE-2005-3160
Multiple SQL injection vulnerabilities in photogallery.php in PHP-Fusion allow remote malicious users to execute arbitrary SQL commands via the (1) album and (2) photo parameters.
Php Fusion Php Fusion 6.00.106
Php Fusion Php Fusion 6.00.107
Php Fusion Php Fusion 6.00.108
Php Fusion Php Fusion 6.00.109
Php Fusion Php Fusion 6.00.102
Php Fusion Php Fusion 6.00.104
Php Fusion Php Fusion 6.00.100
Php Fusion Php Fusion 6.00.101
Php Fusion Php Fusion 6.00.103
Php Fusion Php Fusion 6.00.105
7.5
CVSSv2
CVE-2005-3157
SQL injection vulnerability in messages.php in PHP-Fusion 6.00.109 allows remote malicious users to execute arbitrary SQL commands via the msg_send parameter, a different vulnerability than CVE-2005-3158 and CVE-2005-3159.
Php Fusion Php Fusion 6.00.109
1 EDB exploit
7.5
CVSSv2
CVE-2005-3161
Multiple SQL injection vulnerabilities in PHP-Fusion prior to 6.00.110 allow remote malicious users to execute arbitrary SQL commands via (1) the activate parameter in register.php and (2) the cat_id parameter in faq.php.
Php Fusion Php Fusion 6.00.105
Php Fusion Php Fusion 6.00.106
Php Fusion Php Fusion 6.00.100
Php Fusion Php Fusion 6.00.107
Php Fusion Php Fusion 6.00.108
Php Fusion Php Fusion 6.00.101
Php Fusion Php Fusion 6.00.102
Php Fusion Php Fusion 6.00.109
Php Fusion Php Fusion 6.00.103
Php Fusion Php Fusion 6.00.104
7.5
CVSSv2
CVE-2004-2437
SQL injection vulnerability in PHP-Fusion 4.01 allows remote malicious users to execute arbitrary SQL commands via the rowstart parameter to (1) index.php or (2) members.php, or (3) the comment_id parameter to comments.php.
Php Fusion Php Fusion 4.01
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »