PHP-Fusion: source code security analysis report

2013-06-18T00:00:00
ID APPERCUT:13
Type appercut
Reporter InfoWatch APPERCUT
Modified 2016-06-28T00:00:00

Description

Several vulnerabilities were discovered in PHP-Fusion 'PHP-Fusion' software: Incorrect User Input Filtration when Connecting to External Files File System Path Manipulation Incorrect User Input Filtration when Using Regular Expressions while Calling the preg_replace Function Using Insufficiently Random Generators in Cryptography HttpOnly Cookies Incorrect User Input Filtration during SQL Request Generations Incorrect User Input Filtration when Generating Code on the Fly Using Obsolete jQuery Methods