3 matches found
Vulnerability of the function in /administration/theme.php of the PHP-Fusion CMS system, allowing a hacker to execute arbitrary code
The vulnerability in the /administration/theme.php function of the PHP-Fusion CMS system exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through the created malicious load...
Php-fusion PHP-Fusion 跨站脚本漏洞
PHP-Fusion is a lightweight open source content management system. A reflective cross-site scripting vulnerability exists in /administration/theme.php in PHP-Fusion version 9.03.60, which can be exploited to execute arbitrary web script or HTML via the "Manage Theme" field...
SA-CONTRIB-2009-099 - RootCandy Theme - Cross Site Scripting
RootCandy is a theme specifically designed for use in the administration section. The theme fails to sanitize a URL value, leading to a Cross Site Scripting XSS vulnerability. Versions affected RootCandy theme for Drupal 6.x prior to RootCandy 6.x-1.5 Drupal core is not affected. If you do not us...