Lucene search
K

7 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.100 views

PHP-Fusion 4.01 'readmore.php' SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/30680/info PHP-Fusion is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise th...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2010/05/19 12:0 a.m.29 views

PHP-Fusion 4.01 SQL Injection

Exploit Title: PHP-Fusion v4.01 SQL INJECTION Vulnerabilities Date: 17/05/2010 Author: Ma3sTr0-Dz Software Link: http://www.php-fusion.co.uk Version: 4.01 CVE : N/A Code : exploit code =======================================================PHP-Fusion v4.01 SQL INJECTION...

0.1AI score
Exploits0
Prion
Prion
added 2009/01/22 11:30 a.m.10 views

Sql injection

SQL injection vulnerability in readmore.php in PHP-Fusion 4.01 allows remote attackers to execute arbitrary SQL commands via the newsid parameter...

7.5CVSS9.1AI score0.00961EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2009/01/22 11:0 a.m.52 views

CVE-2008-5946

The CVE-2008-5946 entry concerns a SQL injection in PHP-Fusion 4.01’s readmore.php, exploitable via the news_id parameter. Affected software/component: PHP-Fusion 4.01 (readmore.php). Root cause: unsafely constructed SQL when handling news_id enables arbitrary SQL execution. Impact: remote attack...

7.5CVSS8.7AI score0.00961EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2005/08/20 4:0 a.m.47 views

CVE-2004-2438

PHP-Fusion 4.01 is affected by a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web script or HTML via the Submit News, Submit Link, or Submit Article fields. The CVE-2004-2438 entry documents this XSS issue across multiple input points but provides limi...

4.3CVSS5.7AI score0.01177EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2005/08/20 4:0 a.m.17 views

CVE-2004-2438

Cross-site scripting XSS vulnerability in PHP-Fusion 4.01 allows remote attackers to inject arbitrary web script or HTML via the 1 Submit News, 2 Submit Link or 3 Submit Article field...

5.7AI score0.01177EPSS
Exploits0References4
Cvelist
Cvelist
added 2005/08/20 4:0 a.m.20 views

CVE-2004-2437

SQL injection vulnerability in PHP-Fusion 4.01 allows remote attackers to execute arbitrary SQL commands via the rowstart parameter to 1 index.php or 2 members.php, or 3 the commentid parameter to comments.php...

8.3AI score0.01211EPSS
Exploits0References5
Rows per page
Query Builder