Lucene search
K

812 matches found

Cvelist
Cvelist
added 2005/08/20 4:0 a.m.17 views

CVE-2004-2438

Cross-site scripting XSS vulnerability in PHP-Fusion 4.01 allows remote attackers to inject arbitrary web script or HTML via the 1 Submit News, 2 Submit Link or 3 Submit Article field...

5.7AI score0.01177EPSS
Exploits0References4
CVE
CVE
added 2005/08/20 4:0 a.m.47 views

CVE-2004-2438

PHP-Fusion 4.01 is affected by a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web script or HTML via the Submit News, Submit Link, or Submit Article fields. The CVE-2004-2438 entry documents this XSS issue across multiple input points but provides limi...

4.3CVSS5.7AI score0.01177EPSS
Exploits0References4Affected Software1
exploitpack
exploitpack
added 2005/08/06 12:0 a.m.16 views

PHP-Fusion 4.05.06.0 - messages.php SQL Injection

PHP-Fusion 4.05.06.0 - messages.php SQL Injection source: https://www.securityfocus.com/bid/14489/info PHP-Fusion is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'messages.php' script before using it in ...

Exploits0
Exploit DB
Exploit DB
added 2005/08/06 12:0 a.m.25 views

PHP-Fusion 4.0/5.0/6.0 - 'messages.php' SQL Injection

source: https://www.securityfocus.com/bid/14489/info PHP-Fusion is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'messages.php' script before using it in an SQL query. Successful exploitation could result...

7AI score
Exploits0
exploitpack
exploitpack
added 2005/08/05 12:0 a.m.17 views

PHP-Fusion 6.0.106 - BBCode IMG Tag Script Injection

PHP-Fusion 6.0.106 - BBCode IMG Tag Script Injection / ahh I was hoping for some socket code : /str0ke Dark Assassins - http://dark-assassins.com/ Visit us on IRC @ irc.tddirc.net DarkAssassins PHP-Fusion img/img exploit Discovered/Coded by Easyex Using the img /img codes we can get an...

7.7AI score
Exploits0
seebug.org
seebug.org
added 2005/08/05 12:0 a.m.20 views

PHP-Fusion <= 6.0 106 BBCode IMG Tag Script Injection Exploit

No description provided by source. / ahh I was hoping for some socket code : /str0ke Dark Assassins - http://dark-assassins.com/ Visit us on IRC @ irc.tddirc.net DarkAssassins PHP-Fusion img/img exploit Discovered/Coded by Easyex Using the img /img codes we can get an administrator to do a functi...

7.1AI score
Exploits0
0day.today
0day.today
added 2005/08/05 12:0 a.m.175 views

PHP-Fusion <= 6.0 106 BBCode IMG Tag Script Injection Exploit

Exploit for unknown platform in category web applications ============================================================= PHP-Fusion deluser ./fusionimg banuser ./fusionimg delshout ./fusionimg deladmin is the PHP-Fusion version. enter 6.x or 5.x depending on the version number. is the start point ...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2005/08/05 12:0 a.m.74 views

PHP-Fusion 6.0.106 - BBCode IMG Tag Script Injection

/ ahh I was hoping for some socket code : /str0ke Dark Assassins - http://dark-assassins.com/ Visit us on IRC @ irc.tddirc.net DarkAssassins PHP-Fusion img/img exploit Discovered/Coded by Easyex Using the img /img codes we can get an administrator to do a function a normal member cannot do. For...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2005/07/27 4:0 a.m.19 views

CVE-2005-2401

PHP-Fusion allows remote attackers to inject arbitrary Cascading Style Sheets CSS via the BBCode color tag...

6.8AI score0.01336EPSS
Exploits0References3
CVE
CVE
added 2005/07/27 4:0 a.m.47 views

CVE-2005-2401

PHP-Fusion is affected by CVE-2005-2401: remote attackers can inject arbitrary CSS through the BBCode color tag in posts. The related Nessus plugin and CVE records indicate this affects PHP-Fusion builds around the 6.0x line (e.g.,

5CVSS6.8AI score0.01336EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2005/07/27 4:0 a.m.13 views

CVE-2005-2401

PHP-Fusion allows remote attackers to inject arbitrary Cascading Style Sheets CSS via the BBCode color tag...

5CVSS6.8AI score0.01336EPSS
Exploits0References3
securityvulns
securityvulns
added 2005/07/20 12:0 a.m.36 views

[SA16096] PHP-Fusion BBcode &quot;color&quot; CSS Code Insertion Vulnerability

---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...

0.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/07/20 12:0 a.m.25 views

PHP-Fusion <= 6.00.105 Multiple Vulnerabilities

According to its banner, the remote host is running a version of PHP-Fusion that is affected by multiple vulnerabilities : - An Information Disclosure Vulnerability PHP Fusion stores database backups in a known location within the web server's documents directory. An attacker may be able to...

5CVSS5.6AI score0.06844EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2005/07/20 12:0 a.m.13 views

PHP-Fusion < 6.00.107 Multiple Vulnerabilities

Binary data 3100.prm...

7.5CVSS7.3AI score0.01336EPSS
Exploits1References4
securityvulns
securityvulns
added 2005/06/30 12:0 a.m.27 views

[EXPL] PHP-Fusion Accessible Database Backups Download &#40;Exploit&#41;

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

6.7AI score
Exploits0
Cvelist
Cvelist
added 2005/06/29 4:0 a.m.18 views

CVE-2005-2074

Cross-site scripting XSS vulnerability in PHP-Fusion 6.0.105 allows remote attackers to inject arbitrary web script or HTML via a news or article post, possibly involving the 1 newsbody, 2 articledescription, or 3 articlebody parameters to submit.php...

5.7AI score0.01177EPSS
Exploits0References4
Cvelist
Cvelist
added 2005/06/29 4:0 a.m.27 views

CVE-2005-2075

PHP-Fusion 5.0 and 6.0 stores the database file with a predictable filename under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to the filename in the administration/dbbackups directory in PHP-Fusion 6.0 ...

6.2AI score0.06844EPSS
Exploits1References3
NVD
NVD
added 2005/06/29 4:0 a.m.15 views

CVE-2005-2074

Cross-site scripting XSS vulnerability in PHP-Fusion 6.0.105 allows remote attackers to inject arbitrary web script or HTML via a news or article post, possibly involving the 1 newsbody, 2 articledescription, or 3 articlebody parameters to submit.php...

4.3CVSS5.7AI score0.01177EPSS
Exploits0References4
CVE
CVE
added 2005/06/29 4:0 a.m.85 views

CVE-2005-2074

CVE-2005-2074 affects PHP-Fusion 6.0.105: a cross-site scripting (XSS) vulnerability in submit.php that can inject arbitrary HTML/Script via the news_body, article_description, or article_body parameters. Exploitation details are documented in connected sources; there is no explicit patched versi...

4.3CVSS5.8AI score0.01177EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2005/06/29 4:0 a.m.20 views

CVE-2005-2075

PHP-Fusion 5.0 and 6.0 stores the database file with a predictable filename under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to the filename in the administration/dbbackups directory in PHP-Fusion 6.0 ...

5CVSS6.2AI score0.06844EPSS
Exploits1References3
Rows per page
Query Builder