2 matches found
CVE-2005-1596
index.php in Fusion SBX 1.2 and earlier does not properly use the extract function, which allows remote attackers to bypass authentication by setting the islogged parameter or execute arbitrary code via the maxname2 parameter...
CVE-2005-1596
Fusion SBX 1.2 and earlier contain an authentication bypass and remote code execution vulnerability in index.php due to improper use of the extract function. By setting is_logged, an attacker can bypass authentication; by manipulating maxname2, arbitrary code may be executed. Affected versions ar...