7 matches found
The vulnerability of the PHP-Fusion CMS, which exists due to the lack of measures taken to protect the structure of web pages, allows attackers to carry out XSS attacks.
The vulnerability of the PHP-Fusion CMS exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...
PHP-Fusion 跨站脚本漏洞
Php-fusion PHP-Fusion is an open source lightweight content management system based on MySql and PHP from Malaysia-based PHP-Fusion Php-fusion. A cross-site scripting vulnerability exists in PHP-Fusion version 9.03.50, which originates in the infusions/memberpollpanel/polladmin.php page and lacks...
The vulnerability of the PHP-Fusion CMS system, which exists due to the lack of measures taken to protect the structure of web pages, allows attackers to execute arbitrary code.
The vulnerability in the /administration/settingsregistration.php function of the PHP-Fusion CMS system exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely by using a specially created...
The vulnerability of the PHP-Fusion CMS’s “scenario” implementation (administration/settings_main.php), which allows attackers to execute cross-site scenario attacks.
The vulnerability of the PHP-Fusion CMS system’s “administration/settingsmain.php” script relates to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...
The vulnerability of the PHP-Fusion CMS system, related to bypassing the authentication process, allows attackers to gain unauthorized access to protected information.
The vulnerability of the PHP-Fusion CMS system relates to the bypassing of the authentication process. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
CVE-2020-24949
Privilege escalation in PHP-Fusion 9.03.50 downloads/downloads.php allows an authenticated user not admin to send a crafted request to the server and perform remote command execution RCE...
PHP-Fusion SQL Injection Vulnerability (CNVD-2020-27781)
PHP-Fusion is a Malaysian company PHP-Fusion open source lightweight content management system based on MySql and PHP . The system contains modules such as news, articles and forums. A SQL injection vulnerability exists in PHP-Fusion version 9.03.50. The vulnerability stems from a lack of...