Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php-fusion php-fusion - vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2005-3739
Unspecified vulnerability in subheader.php in PHP-Fusion 6.00.206 and previous versions allows remote malicious users to obtain the full path via unspecified vectors.
445
VMScore
CVE-2005-2401
PHP-Fusion allows remote malicious users to inject arbitrary Cascading Style Sheets (CSS) via the BBCode color tag.
Php Fusion Php Fusion 4.01
Php Fusion Php Fusion 6.0.105
Php Fusion Php Fusion 4.00
Php Fusion Php Fusion 6.0.106
Php Fusion Php Fusion 5.0
Php Fusion Php Fusion 5.01 Service Pack
445
VMScore
CVE-2004-1723
The (1) updateuser.php and (2) forums_prune.php scripts in PHP-Fusion 4.00 allow remote malicious users to obtain sensitive information via a direct HTTP request, which reveals the installation path in an error message.
Php Fusion Php Fusion 4.00
436
VMScore
CVE-2020-23182
The component /php-fusion/infusions/shoutbox_panel/shoutbox_archive.php in PHP-Fusion 9.03.60 allows malicious users to redirect victim users to malicious websites via a crafted payload entered into the Shoutbox message panel.
Php-fusion Php-fusion 9.03.60
435
VMScore
CVE-2013-1804
Multiple cross-site scripting (XSS) vulnerabilities in PHP-Fusion prior to 7.02.06 allow remote malicious users to inject arbitrary web script or HTML via the (1) highlight parameter to forum/viewthread.php; or remote authenticated users with certain permissions to inject arbitra...
Php-fusion Php-fusion
Php-fusion Php-fusion 7.02.03
Php-fusion Php-fusion 7.02.01
Php-fusion Php-fusion 7.02.02
Php-fusion Php-fusion 7.02.04
1 EDB exploit
435
VMScore
CVE-2012-6043
Cross-site scripting (XSS) vulnerability in downloads.php in PHP-Fusion 7.02.04 allows remote malicious users to inject arbitrary web script or HTML via the cat_id parameter.
Php-fusion Php-fusion 7.02.04
1 EDB exploit
435
VMScore
CVE-2005-4516
Multiple cross-site scripting (XSS) vulnerabilities in PHP-Fusion 6.00.200 up to and including 6.00.300 allow remote malicious users to inject arbitrary web script or HTML via (1) the sortby parameter in members.php and (2) IMG tags.
Php Fusion Php Fusion 6.00.207
Php Fusion Php Fusion 6.00.200
Php Fusion Php Fusion 6.00.205
Php Fusion Php Fusion 6.00.206
Php Fusion Php Fusion 6.00.204
Php Fusion Php Fusion 6.00.300
1 EDB exploit
435
VMScore
CVE-2005-2783
Cross-site scripting (XSS) vulnerability in PHP-Fusion 6.00.107 and previous versions allows remote malicious users to inject arbitrary web script or HTML via nested, malformed URL BBCode tags.
Php Fusion Php Fusion 4.01
Php Fusion Php Fusion 6.0.105
Php Fusion Php Fusion 4.00
Php Fusion Php Fusion 6.0.106
Php Fusion Php Fusion 5.0
Php Fusion Php Fusion 5.01 Service Pack
Php Fusion Php Fusion 6.0.107
1 EDB exploit
435
VMScore
CVE-2005-0829
Cross-site scripting (XSS) vulnerability in setuser.php of the Digitanium addon to PHP-Fusion 5.01 allows remote malicious users to inject arbitrary web script or HTML via the (1) user_name or (2) user_pass parameters.
Php Fusion Php Fusion 5.01
1 EDB exploit
383
VMScore
CVE-2014-8597
A reflected cross-site scripting (XSS) vulnerability in PHP-Fusion 7.02.07 allows remote malicious users to inject arbitrary web script or HTML via the status parameter in the CMS admin panel.
Php-fusion Phpfusion 7.02.07
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
logic flaw
CVE-2024-23692
CVE-2024-26229
CVE-2024-35255
CVE-2024-5835
CVE-2024-5837
XML external entity
dos
CVE-2024-5813
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »