CVE-2005-3740

2005-11-2211:00:00

mitre

www.cve.org

AI Score

8.5

Confidence

Low

EPSS

0.009

Percentile

82.8%

JSON

Multiple SQL injection vulnerabilities in PHP-Fusion 6.00.206 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the forum_id parameter to options.php or (2) lastvisited parameter to viewforum.php.

References

myblog.it-security23.net/advisories/advisory-6.txt

seclists.org/lists/bugtraq/2005/Nov/0232.html

seclists.org/lists/bugtraq/2005/Nov/0237.html

secunia.com/advisories/17664

www.osvdb.org/20991

www.osvdb.org/20992

www.securityfocus.com/bid/15502

www.vupen.com/english/advisories/2005/2504