PHPFusion Cross-Site Scripting Vulnerability (CNVD-2021-57462)

PHPFusion is a lightweight open source content management system. PHPFusion version 9.03.60 is vulnerable to a cross-site scripting vulnerability. An attacker can exploit this vulnerability to conduct cross-site scripting attacks via 'New Shout' in /infusions/shoutboxpanel/shoutboxadmin.php...

CVE-2020-23702

Cross Site Scripting XSS vulnerability in PHP-Fusion 9.03.60 via 'New Shout' in /infusions/shoutboxpanel/shoutboxadmin.php...

Cross site scripting

Cross Site Scripting XSS vulnerability in PHP-Fusion 9.03.60 via 'New Shout' in /infusions/shoutboxpanel/shoutboxadmin.php...

CVE-2020-23702

Cross Site Scripting XSS vulnerability in PHP-Fusion 9.03.60 via 'New Shout' in /infusions/shoutboxpanel/shoutboxadmin.php...

PHP-Fusion 跨站脚本漏洞

PHPFusion is a lightweight open source content management system. PHPFusion version 9.03.60 is vulnerable to a cross-site scripting vulnerability. An attacker can exploit this vulnerability to conduct cross-site scripting attacks via 'New Shout' in /infusions/shoutboxpanel/shoutboxadmin.php...

PHP-Fusion cross-site scripting vulnerability (CNVD-2021-48513)

PHP-Fusion is a lightweight open source content management system. A stored cross-site scripting vulnerability exists in /administration/settingsecurity.php in PHP-Fusion version 9.03.60, which can be exploited by an attacker to execute arbitrary Web script or HTML...

CVE-2020-23185

A stored cross site scripting XSS vulnerability in /administration/settingsecurity.php of PHP-Fusion 9.03.60 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload...

CVE-2020-23184

A stored cross site scripting XSS vulnerability in /administration/settingsregistration.php of PHP-Fusion 9.03.60 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Registration" field...

Php-fusion PHP-Fusion 跨站脚本漏洞

PHP-Fusion is a lightweight open source content management system. A stored cross-site scripting vulnerability exists in /administration/settingsecurity.php in PHP-Fusion version 9.03.60, which can be exploited by an attacker to execute arbitrary Web script or HTML...

Php-fusion PHP-Fusion跨站脚本漏洞

PHP-Fusion is a lightweight open source content management system. A stored cross-site scripting vulnerability exists in /administration/settingsregistration.php in PHP-Fusion version 9.03.60, which can be exploited to execute arbitrary web script or HTML via the "registration" field...

Php-fusion PHP-Fusion 输入验证错误漏洞

Php-fusion PHP-Fusion is an open source lightweight content management system based on MySql and PHP from Malaysia's PHP-Fusion Php-fusion. The system contains modules for news, articles and forums. PHP-Fusion suffers from an injection vulnerability that stems from a flaw in a component in...

PHP-Fusion <= 9.03.60 XSS Vulnerability

PHP-Fusion is prone to a cross-site scripting XSS vulnerability. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

PHP-Fusion Cross-Site Scripting Vulnerability (CNVD-2020-49953)

PHP-Fusion is a lightweight open source content management system. PHP-Fusion 9.03.60 suffers from a cross-site scripting vulnerability that can be exploited by attackers via infusions/memberpollpanel/polladmin.php...

Cross site scripting

PHP-Fusion 9.03.60 is affected by Cross Site Scripting XSS via infusions/memberpollpanel/polladmin.php...

CVE-2020-23658

Summary: CVE-2020-23658 affects PHP-Fusion 9.03.60 with a Cross Site Scripting (XSS) vulnerability exploitable via infusions/member_poll_panel/poll_admin.php. Affected software: PHP-Fusion 9.03.60 (admin/poll panel infusion). Root cause / impact: XSS vulnerability; impact details state confidenti...

CVE-2020-23658

PHP-Fusion 9.03.60 is affected by Cross Site Scripting XSS via infusions/memberpollpanel/polladmin.php...

CVE-2020-15041

PHP-Fusion 9.03.60 allows XSS via the administration/sitelinks.php Add Site Link field...

PHP-Fusion 9.03.60 PHP Object Injection / SQL Injection

Exploit Title: PHP-Fusion v9.03.60, PHP Object Injection to SQL injection pre-auth Date: 2020-05-26 Exploit Author: coiffeur Vendor Homepage: https://www.php-fusion.co.uk/home.php Software Link: https://www.php-fusion.co.uk/phpfusion9downloads.php Version: v9.03.60 import sys import requests impo...