Lucene search
K

37 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2006-4230

Malware in sbrugna...

7.5CVSS6.4AI score0.03179EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.1 views

EUVD-2007-6267

Malware in sbrugna...

5CVSS6.4AI score0.00575EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2006-3383

Malware in sbrugna...

5.1CVSS6.4AI score0.01951EPSS
Exploits0References3
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

Fusion News 1.0 (fil_config) - Remote File Inclusion (RFI)

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

Fusion News 3.3 Unauthorized Account Addition Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8441/info Fusion News is prone to an access validation error allowing a user to add arbitrary user/administrator accounts through manipulating URI parameters. Successful exploitation of this error may allow a user to...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.22 views

Fusionphp Fusion News 3.6.1 Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10203/info An attacker may be capable of executing arbitrary script code in a browser of a target user and within the context of a visited web site. This may potentially lead to theft of cookie based authentication...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.24 views

FusionPHP Fusion News 3.7 Index.PHP Remote File Include Vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

FusionPHP Fusion News 3.3/3.6 Administrator Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10836/info It is reported that Fusion News is affected by an administrator command execution vulnerability. This issue is due to a failure of the application to properly validate access to administrative commands. This...

7.1AI score
Exploits0
NVD
NVD
added 2007/12/10 6:46 p.m.9 views

CVE-2007-6300

Cross-site request forgery CSRF vulnerability in Fusion News 3.9.0 allows remote attackers to perform unauthorized actions via unspecified vectors...

5CVSS6.9AI score0.00575EPSS
Exploits0References3
Prion
Prion
added 2007/12/10 6:46 p.m.14 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in Fusion News 3.9.0 allows remote attackers to perform unauthorized actions via unspecified vectors...

5CVSS7.4AI score0.00575EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2007/12/10 6:0 p.m.44 views

CVE-2007-6300

The CVE-2007-6300 entry describes a Cross-site request forgery (CSRF) vulnerability in Fusion News 3.9.0. Affected software: Fusion News 3.9.0 (web application). What is vulnerable: CSRF vulnerability that could allow remote attackers to perform unauthorized actions via unspecified vectors. Conse...

5CVSS6.9AI score0.00575EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2007/12/10 6:0 p.m.15 views

CVE-2007-6300

Cross-site request forgery CSRF vulnerability in Fusion News 3.9.0 allows remote attackers to perform unauthorized actions via unspecified vectors...

6.9AI score0.00575EPSS
Exploits0References3
seebug.org
seebug.org
added 2006/12/10 12:0 a.m.53 views

FusionPHP Fusion News Index.PHP远程文件包含漏洞

Fusion News是一款基于PHP的新闻管理程序。 Fusion News不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞以WEB进程权限执行任意命令。 问题是脚本对用户提交的WEB参数缺少过滤,提交恶意的远程服务器作为包含对象,可导致以WEB进程权限执行任意PHP代码。 Fusionphp Fusion News 3.7 http://www.fusionphp.net/index.php?cat=fnews&page=features !/usr/bin/perl Aria-Security.net Advisory Discovered by: OUTLAW...

7.1AI score
Exploits0
NVD
NVD
added 2006/08/21 6:4 p.m.10 views

CVE-2006-4240

PHP remote file inclusion vulnerability in index.php in Fusion News 3.7 allows remote attackers to execute arbitrary PHP code via a URL in the fpath parameter...

7.5CVSS7.5AI score0.03179EPSS
Exploits1References6
CVE
CVE
added 2006/08/21 6:0 p.m.42 views

CVE-2006-4240

The CVE-2006-4240 entry describes a PHP remote file inclusion in Fusion News 3.7 (index.php) that allows an attacker to execute arbitrary PHP code via a URL parameter fpath. This is the core vulnerability and the affected component is Fusion News 3.7, specifically the index.php file handling fpat...

7.5CVSS7.9AI score0.03179EPSS
Exploits1References6Affected Software1
exploitpack
exploitpack
added 2006/08/16 12:0 a.m.19 views

Fusionphp Fusion News 3.7 - index.php Remote File Inclusion

Fusionphp Fusion News 3.7 - index.php Remote File Inclusion source: https://www.securityfocus.com/bid/19546/info Fusion News is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2006/08/16 12:0 a.m.30 views

Fusionphp Fusion News 3.7 - 'index.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/19546/info Fusion News is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the...

7.4AI score
Exploits0
NVD
NVD
added 2006/07/06 8:5 p.m.12 views

CVE-2006-3387

Directory traversal vulnerability in sources/post.php in Fusion News 1.0, when registerglobals is enabled, allows remote attackers to include arbitrary files via a .. dot dot sequence in the filconfig parameter, which can be used to execute PHP code that has been injected into a log file...

5.1CVSS7.2AI score0.01951EPSS
Exploits0References2
Cvelist
Cvelist
added 2006/07/06 8:0 p.m.16 views

CVE-2006-3387

Directory traversal vulnerability in sources/post.php in Fusion News 1.0, when registerglobals is enabled, allows remote attackers to include arbitrary files via a .. dot dot sequence in the filconfig parameter, which can be used to execute PHP code that has been injected into a log file...

7.2AI score0.01951EPSS
Exploits0References2
CVE
CVE
added 2006/07/06 8:0 p.m.61 views

CVE-2006-3387

CVE-2006-3387 describes a directory traversal vulnerability in Fusion News 1.0. When register_globals is enabled, an attacker can manipulate the fil_config parameter in sources/post.php using a .. sequence to include arbitrary files. This can allow an attacker to execute PHP code that has been in...

5.1CVSS7.6AI score0.01951EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder