Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php fusion php fusion 6.0 vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2005-3159
SQL injection vulnerability in messages.php in PHP-Fusion allows remote malicious users to execute arbitrary SQL commands via the msg_view parameter, a different vulnerability than CVE-2005-3157 and CVE-2005-3158.
1 EDB exploit
505
VMScore
CVE-2005-2075
PHP-Fusion 5.0 and 6.0 stores the database file with a predictable filename under the web document root with insufficient access control, which allows remote malicious users to obtain sensitive information via a direct request to the filename in the administration/db_backups dire...
Php Fusion Php Fusion 5.0
Php Fusion Php Fusion 6.0
1 EDB exploit
435
VMScore
CVE-2005-4516
Multiple cross-site scripting (XSS) vulnerabilities in PHP-Fusion 6.00.200 up to and including 6.00.300 allow remote malicious users to inject arbitrary web script or HTML via (1) the sortby parameter in members.php and (2) IMG tags.
Php Fusion Php Fusion 6.00.200
Php Fusion Php Fusion 6.00.204
Php Fusion Php Fusion 6.00.207
Php Fusion Php Fusion 6.00.300
Php Fusion Php Fusion 6.00.205
Php Fusion Php Fusion 6.00.206
1 EDB exploit
435
VMScore
CVE-2005-2783
Cross-site scripting (XSS) vulnerability in PHP-Fusion 6.00.107 and previous versions allows remote malicious users to inject arbitrary web script or HTML via nested, malformed URL BBCode tags.
Php Fusion Php Fusion 6.0.105
Php Fusion Php Fusion 6.0.106
Php Fusion Php Fusion 6.0.107
Php Fusion Php Fusion 4.00
Php Fusion Php Fusion 4.01
Php Fusion Php Fusion 5.0
Php Fusion Php Fusion 5.01 Service Pack
1 EDB exploit
265
VMScore
CVE-2006-4673
Global variable overwrite vulnerability in maincore.php in PHP-Fusion 6.01.4 and previous versions uses the extract function on the superglobals, which allows remote malicious users to conduct SQL injection attacks via the _SERVER[REMOTE_ADDR] parameter to news.php.
Php Fusion Php Fusion 6.0.105
Php Fusion Php Fusion 6.0.106
Php Fusion Php Fusion 6.0.306
Php Fusion Php Fusion 6.0.307
Php Fusion Php Fusion 6.0.110
Php Fusion Php Fusion 6.0.204
Php Fusion Php Fusion 6.0.206
Php Fusion Php Fusion 6.0.107
Php Fusion Php Fusion 6.0.109
Php Fusion Php Fusion
Php Fusion Php Fusion 6.0.303
Php Fusion Php Fusion 6.0.304
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started