5 matches found
PHP-Fusion 9.03.50 - Remote Code Execution
PHP-Fusion 9.03.50 downloads/downloads.php allows an authenticated user not admin to send a crafted request to the server and perform remote command execution. id: CVE-2020-24949 info: name: PHP-Fusion 9.03.50 - Remote Code Execution author: geeknik severity: high description: PHP-Fusion 9.03.50...
PHPFusion < 9.03.60 RCE Vulnerability - Active Check
PHPFusion is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2020-24949
creationtimestamp| type| source ---|---|--- 2021-05-28 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/49911 2021-05-28 09:44:39+00:00| seen| https://t.me/pwnwikizhchannel/517 2025-11-11 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2025-11-11 2026-03-22...
PHPFusion 9.03.50 - Remote Code Execution
Exploit Title: PHPFusion 9.03.50 - Remote Code Execution Date: 20/05/2021 Exploit Author: g0ldm45k Vendor Homepage: https://www.php-fusion.co.uk/home.php Software Link: https://www.php-fusion.co.uk/infusions/downloads/downloads.php?catid=30&downloadid=606 Version: 9.03.50 Tested on: Docker + Debi...
PHP-Fusion downloads.php Privilege Escalation (CVE-2020-24949)
A privilege escalation vulnerability exists in PHP-Fusion. The vulnerability is due to insufficient validation of HTTP request parameters in downloads.php...