812 matches found
EUVD-2020-16495
Malware in sbrugna...
EUVD-2006-3550
Malware in sbrugna...
EUVD-2007-3543
Malware in sbrugna...
EUVD-2020-15932
Malware in sbrugna...
EUVD-2020-16400
Malware in sbrugna...
EUVD-2005-3737
Malware in sbrugna...
EUVD-2008-4508
Malware in sbrugna...
CVE-2021-3172
An issue in Php-Fusion v9.03.90 fixed in v9.10.00 allows authenticated attackers to cause a Distributed Denial of Service via the Polling feature...
CVE-2020-15041
PHP-Fusion 9.03.60 allows XSS via the administration/sitelinks.php Add Site Link field...
CVE-2020-23658
PHP-Fusion 9.03.60 is affected by Cross Site Scripting XSS via infusions/memberpollpanel/polladmin.php...
CVE-2020-23178
An issue exists in PHP-Fusion 9.03.50 where session cookies are not deleted once a user logs out, allowing for an attacker to perform a session replay attack and impersonate the victim user...
CVE-2020-23754
Cross Site Scripting XSS vulnerability in infusions/memberpollpanel/polladmin.php in PHP-Fusion 9.03.50, allows attackers to execute arbitrary code, via the polls feature...
CVE-2020-23179
A stored cross site scripting XSS vulnerability in administration/settingsmain.php of PHP-Fusion 9.03.50 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Site footer" field...
CVE-2020-23185
A stored cross site scripting XSS vulnerability in /administration/settingsecurity.php of PHP-Fusion 9.03.60 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2020-24949
Privilege escalation in PHP-Fusion 9.03.50 downloads/downloads.php allows an authenticated user not admin to send a crafted request to the server and perform remote command execution RCE...
CVE-2020-23702
Cross Site Scripting XSS vulnerability in PHP-Fusion 9.03.60 via 'New Shout' in /infusions/shoutboxpanel/shoutboxadmin.php...
CVE-2020-23181
A reflected cross site scripting XSS vulnerability in /administration/theme.php of PHP-Fusion 9.03.60 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Manage Theme" field...
CVE-2020-14960
A SQL injection vulnerability in PHP-Fusion 9.03.50 affects the endpoint administration/comments.php via the ctype parameter,...
CVE-2020-12718
In administration/comments.php in PHP-Fusion 9.03.50, an authenticated attacker can take advantage of a stored XSS vulnerability in the Preview Comment feature. The protection mechanism can be bypassed by using HTML event handlers such as ontoggle...
CVE-2020-12706
Multiple Cross-site scripting vulnerabilities in PHP-Fusion 9.03.50 allow remote attackers to inject arbitrary web script or HTML via the go parameter to faq/faqadmin.php or shoutboxpanel/shoutboxadmin.php...