9 matches found
EUVD-2023-54335
Malicious code in bioql PyPI...
PHPFusion <= 9.10.30 Multiple Vulnerabilities
PHPFusion is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php-fusion:php-fusion";...
The vulnerability of the Fusion File Manager component in the PHP-Fusion CMS system allows a hacker to gain access to read and modify files.
The vulnerability of the Fusion File Manager CMS system’s PHP-Fusion component is related to an incorrect limitation on the path name of the restricted directory. Exploiting this vulnerability allows a malicious actor to gain access to and modify files through a specially created HTTP request...
CVE-2023-4480
Due to an out-of-date dependency in the “Fusion File Manager” component accessible through the admin panel, an attacker can send a crafted request that allows them to read the contents of files on the system accessible within the privileges of the running process. Additionally, they may write fil...
CVE-2023-4480
Due to an out-of-date dependency in the “Fusion File Manager” component accessible through the admin panel, an attacker can send a crafted request that allows them to read the contents of files on the system accessible within the privileges of the running process. Additionally, they may write fil...
Design/Logic Flaw
Due to an out-of-date dependency in the “Fusion File Manager” component accessible through the admin panel, an attacker can send a crafted request that allows them to read the contents of files on the system accessible within the privileges of the running process. Additionally, they may write fil...
CVE-2023-4480 Arbitrary File Read in Fusion File Manager
Due to an out-of-date dependency in the “Fusion File Manager” component accessible through the admin panel, an attacker can send a crafted request that allows them to read the contents of files on the system accessible within the privileges of the running process. Additionally, they may write fil...
CVE-2023-4480
CVE-2023-4480 describes an out-of-date dependency in the Fusion File Manager (admin panel) that allows a crafted request to read arbitrary system files and write files to arbitrary locations, constrained by mime-type and file extension validation. The vulnerability affects the Fusion File Manager...
CVE-2023-4480 Arbitrary File Read in Fusion File Manager
Due to an out-of-date dependency in the “Fusion File Manager” component accessible through the admin panel, an attacker can send a crafted request that allows them to read the contents of files on the system accessible within the privileges of the running process. Additionally, they may write fil...