Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php-fusion vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2007-5187
SQL injection vulnerability in infusions/calendar_events_panel/show_single.php in the Expanded Calendar 2.x module for PHP-Fusion allows remote malicious users to execute arbitrary SQL commands via the sel parameter.
Php-fusion Expanded Calendar Module 2.01
1 EDB exploit
755
VMScore
CVE-2008-4521
SQL injection vulnerability in thisraidprogress.php in the World of Warcraft tracker infusion (raidtracker_panel) module 2.0 for PHP-Fusion allows remote malicious users to execute arbitrary SQL commands via the INFO_RAID_ID parameter.
Php-fusion World Of Warcraft Tracker Infusion Module 2.0
1 EDB exploit
NA
CVE-2013-1805
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-1806. Reason: This issue was MERGED into CVE-2013-1806 in accordance with CVE content decisions, because it is the same type of vulnerability and affects the same versions. Notes: All CVE users should referen...
1 EDB exploit
NA
CVE-2020-356871
PHP-Fusion version 9.03.90 suffers from a cross site request forgery vulnerability.
755
VMScore
CVE-2009-3119
SQL injection vulnerability in screen.php in the Download System mSF (dsmsf) module for PHP-Fusion allows remote malicious users to execute arbitrary SQL commands via the view_id parameter.
X-iweb.ru Download System Msf
1 EDB exploit
755
VMScore
CVE-2005-3159
SQL injection vulnerability in messages.php in PHP-Fusion allows remote malicious users to execute arbitrary SQL commands via the msg_view parameter, a different vulnerability than CVE-2005-3157 and CVE-2005-3158.
1 EDB exploit
685
VMScore
CVE-2011-0512
SQL injection vulnerability in team.php in the Teams Structure module 3.0 for PHP-Fusion allows remote malicious users to execute arbitrary SQL commands via the team_id parameter.
Jikaka Teams Structure Module 3.0
1 EDB exploit
755
VMScore
CVE-2007-1980
SQL injection vulnerability in index.php in the Topliste 1.0 module for PHP-Fusion allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Nick Jones Topliste Module 1.0
1 EDB exploit
755
VMScore
CVE-2009-0832
SQL injection vulnerability in items.php in the E-Cart module 1.3 for PHP-Fusion allows remote malicious users to execute arbitrary SQL commands via the CA parameter.
Ausimods E-cart 1.3
1 EDB exploit
755
VMScore
CVE-2010-4791
SQL injection vulnerability in infusions/mg_user_fotoalbum_panel/mg_user_fotoalbum.php in the MG User-Fotoalbum (mg_user_fotoalbum_panel) module 1.0.1 for PHP-Fusion allows remote malicious users to execute arbitrary SQL commands via the album_id parameter.
Marcusg Mg User Fotoalbum Panel 1.0.1
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »