Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php fusion vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2007-1845
SQL injection vulnerability in show_event.php in the Expanded Calendar (calendar_panel) 2.00 module for PHP-Fusion allows remote malicious users to execute arbitrary SQL commands via the m_month parameter.
Php Fusion Expanded Calendar Module 2.0
1 EDB exploit
755
VMScore
CVE-2008-4521
SQL injection vulnerability in thisraidprogress.php in the World of Warcraft tracker infusion (raidtracker_panel) module 2.0 for PHP-Fusion allows remote malicious users to execute arbitrary SQL commands via the INFO_RAID_ID parameter.
Php-fusion World Of Warcraft Tracker Infusion Module 2.0
1 EDB exploit
755
VMScore
CVE-2006-4240
PHP remote file inclusion vulnerability in index.php in Fusion News 3.7 allows remote malicious users to execute arbitrary PHP code via a URL in the fpath parameter.
Fusionphp Fusion News 3.6.1
Fusionphp Fusion News 3.7
Fusionphp Fusion News 1.0
Fusionphp Fusion News 3.3
1 EDB exploit
668
VMScore
CVE-2006-7003
PHP remote file inclusion vulnerability in admin/index.php in Fusion Polls allows remote malicious users to execute arbitrary PHP code via a URL in the xtrphome parameter.
Fusionphp Fusion Polls
668
VMScore
CVE-2020-28904
Execution with Unnecessary Privileges in Nagios Fusion 4.1.8 and previous versions allows for Privilege Escalation as nagios via installation of a malicious component containing PHP code.
Nagios Fusion
515
VMScore
CVE-2006-3387
Directory traversal vulnerability in sources/post.php in Fusion News 1.0, when register_globals is enabled, allows remote malicious users to include arbitrary files via a .. (dot dot) sequence in the fil_config parameter, which can be used to execute PHP code that has been inject...
Fusionphp Fusion News 1.0
1 EDB exploit
NA
CVE-2013-1805
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-1806. Reason: This issue was MERGED into CVE-2013-1806 in accordance with CVE content decisions, because it is the same type of vulnerability and affects the same versions. Notes: All CVE users should referen...
1 EDB exploit
755
VMScore
CVE-2009-3119
SQL injection vulnerability in screen.php in the Download System mSF (dsmsf) module for PHP-Fusion allows remote malicious users to execute arbitrary SQL commands via the view_id parameter.
X-iweb.ru Download System Msf
1 EDB exploit
NA
CVE-2020-356871
PHP-Fusion version 9.03.90 suffers from a cross site request forgery vulnerability.
755
VMScore
CVE-2005-3159
SQL injection vulnerability in messages.php in PHP-Fusion allows remote malicious users to execute arbitrary SQL commands via the msg_view parameter, a different vulnerability than CVE-2005-3157 and CVE-2005-3158.
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »