EUVD-2014-8433

Malware in sbrugna...

PHP-Fusion 7.02.07 Blind SQL Injection

============================================= MGC ALERT 2015-002 - Original release date: September 18, 2015 - Last revised: October 05, 2015 - Discovered by: Manuel García Cárdenas - Severity: 7,1/10 CVSS Base Score ============================================= I. VULNERABILITY...

PHP-Fusion 7.02.07 /administration/submissions.php SQL注入漏洞

/administration/submissions.phpif isset$GET'action' && $GET'action' == "2" && isset$GET't' && $GET't' == "n" if isset$POST'publish' && isset$GET'submitid' && isnum$GET'submitid' $result = dbquery"SELECT ts., tu.userid, tu.username FROM ".DBSUBMISSIONS." ts LEFT JOIN ".DBUSERS." tu ON...

Sql injection

Multiple SQL injection vulnerabilities in PHP-Fusion 7.02.07 allow remote authenticated users to execute arbitrary SQL commands via the 1 submitid parameter in a 2 action to files/administration/submissions.php or 2 status parameter to files/administration/members.php...

CVE-2014-8596

PHP-Fusion 7.02.07 is affected by multiple SQL injection vulnerabilities. The flaws allow remote authenticated users to execute arbitrary SQL via (1) the submit_id parameter in files/administration/submissions.php (action=2) and (2) the status parameter in files/administration/members.php. The ro...

PHP-Fusion 7.02.07 SQL Injection

Exploit Title: PHP-Fusion 7.02.07 SQL Injection Date: 06/11/2014 Exploit Author: Mauricio Correa Vendor Homepage: www.php-fusion.co.uk Software Link: http://ufpr.dl.sourceforge.net/project/php-fusion/PHP-Fusion%20Archives/7.x/ PHP-Fusion-7.02.07.zip Version: 7.02.07 Tested on: Linux OS Debian CVE...

PHP-Fusion 7.02.07 - SQL Injection

Exploit Title: PHP-Fusion 7.02.07 SQL Injection Date: 06/11/2014 Exploit Author: Mauricio Correa Vendor Homepage: www.php-fusion.co.uk Software Link: http://ufpr.dl.sourceforge.net/project/php-fusion/PHP-Fusion%20Archives/7.x/ PHP-Fusion-7.02.07.zip Version: 7.02.07 Tested on: Linux OS Debian CVE...