SQL Injection Vulnerability in MyfCMS Backend at Adding New Posts

Min Yifei Content Management System, abbreviated MyfCMS, is a PHP+Mysql content management system. A SQL injection vulnerability exists in the backend of MyfCMS at Add New Article. An attacker can exploit the vulnerability to obtain sensitive database information...

CVE-2009-2611

Directory traversal vulnerability in infusions/lastseenuserspanel/lastseenuserspanel.php in MyFusion aka MyF 6 Beta, when registerglobals is enabled, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the settingslocale parameter...