Multiple cross-site scripting (XSS) vulnerabilities in PHP-Fusion 6.00.200 up to and including 6.00.300 allow remote malicious users to inject arbitrary web script or HTML via (1) the sortby parameter in members.php and (2) IMG tags.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
php fusion php fusion 6.00.200 |
||
php fusion php fusion 6.00.204 |
||
php fusion php fusion 6.00.207 |
||
php fusion php fusion 6.00.300 |
||
php fusion php fusion 6.00.205 |
||
php fusion php fusion 6.00.206 |