SQL injection vulnerability in includes/classes/Authenticate.class.php in PHP-Fusion 7.02.01 up to and including 7.02.05 allows remote malicious users to execute arbitrary SQL commands via the user ID in a user cookie, a different vulnerability than CVE-2013-1803.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
php-fusion php-fusion 7.02.02 |
||
php-fusion php-fusion 7.02.03 |
||
php-fusion php-fusion 7.02.01 |
||
php-fusion php-fusion 7.02.04 |
||
php-fusion php-fusion 7.02.05 |