Lucene search
K

7 matches found

BDU FSTEC
BDU FSTEC
added 2022/08/17 12:0 a.m.5 views

The vulnerability of the PHP-Fusion CMS, which exists due to the lack of measures taken to protect the structure of web pages, allows attackers to carry out XSS attacks.

The vulnerability of the PHP-Fusion CMS exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

7.8CVSS5.4AI score
Exploits0Affected Software1
CNNVD
CNNVD
added 2021/11/02 12:0 a.m.7 views

PHP-Fusion 跨站脚本漏洞

Php-fusion PHP-Fusion is an open source lightweight content management system based on MySql and PHP from Malaysia-based PHP-Fusion Php-fusion. A cross-site scripting vulnerability exists in PHP-Fusion version 9.03.50, which originates in the infusions/memberpollpanel/polladmin.php page and lacks...

9.6CVSS5.7AI score0.0155EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2021/09/08 12:0 a.m.6 views

The vulnerability of the PHP-Fusion CMS system, which exists due to the lack of measures taken to protect the structure of web pages, allows attackers to execute arbitrary code.

The vulnerability in the /administration/settingsregistration.php function of the PHP-Fusion CMS system exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely by using a specially created...

5.4CVSS6.4AI score0.00447EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/08/25 12:0 a.m.7 views

The vulnerability of the PHP-Fusion CMS’s “scenario” implementation (administration/settings_main.php), which allows attackers to execute cross-site scenario attacks.

The vulnerability of the PHP-Fusion CMS system’s “administration/settingsmain.php” script relates to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

5.4CVSS5.6AI score0.00472EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/07/13 12:0 a.m.6 views

The vulnerability of the PHP-Fusion CMS system, related to bypassing the authentication process, allows attackers to gain unauthorized access to protected information.

The vulnerability of the PHP-Fusion CMS system relates to the bypassing of the authentication process. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

5.5CVSS5.9AI score0.00524EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2020/09/03 2:15 p.m.1 views

CVE-2020-24949

Privilege escalation in PHP-Fusion 9.03.50 downloads/downloads.php allows an authenticated user not admin to send a crafted request to the server and perform remote command execution RCE...

8.8CVSS7.4AI score
Exploits0References2
CNVD
CNVD
added 2020/04/30 12:0 a.m.2 views

PHP-Fusion SQL Injection Vulnerability (CNVD-2020-27781)

PHP-Fusion is a Malaysian company PHP-Fusion open source lightweight content management system based on MySql and PHP . The system contains modules such as news, articles and forums. A SQL injection vulnerability exists in PHP-Fusion version 9.03.50. The vulnerability stems from a lack of...

8.8CVSS8.2AI score0.01699EPSS
Exploits1
Rows per page
Query Builder