8 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
65.6%
SQL injection vulnerability in messages.php in PHP-Fusion 6.00.109 allows remote attackers to execute arbitrary SQL commands via the msg_send parameter, a different vulnerability than CVE-2005-3158 and CVE-2005-3159.
marc.info/?l=bugtraq&m=112793982604963&w=2
rgod.altervista.org/phpfusion600109.html
secunia.com/advisories/16994
www.php-fusion.co.uk/news.php?readmore=259