2 matches found
CVE-2005-1596
index.php in Fusion SBX 1.2 and earlier does not properly use the extract function, which allows remote attackers to bypass authentication by setting the islogged parameter or execute arbitrary code via the maxname2 parameter...