PHPFusion < 9.03.100 DoS Vulnerability

PHPFusion is prone to a denial of service DoS vulnerability. Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software;...

PHPFusion 安全漏洞

PHPFusion is a Malaysian PHPFusion company based on MySql and PHP open source lightweight content management system . The system contains modules for news, articles and forums. A security vulnerability exists in PHPFusion version v9.03.90, which can be exploited by an attacker to cause a...

PHPFusion < 9.03.00 RCE Vulnerability

PHPFusion is prone to a remote code execution RCE vulnerability. Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

PHPFusion < 9.0 XSS Vulnerability

PHPFusion is prone to a cross-site scripting XSS vulnerability. Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free softwar...

PHPFusion < 9.03.70 Multiple Vulnerabilities

PHPFusion is prone to multiple vulnerabilities. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

PHPFusion < 9.03.60 Multiple Vulnerabilities

PHPFusion is prone to multiple vulnerabilities. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

PHPFusion < 9.10.30 Improper Authentication Vulnerability

PHPFusion is prone to an improper authentication vulnerability. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free softwar...

CVE-2022-3152

Unverified Password Change in GitHub repository phpfusion/phpfusion prior to 9.10.20...

CVE-2022-3152

Unverified Password Change in GitHub repository phpfusion/phpfusion prior to 9.10.20...

Default credentials

Unverified Password Change in GitHub repository phpfusion/phpfusion prior to 9.10.20...

CVE-2022-3152

CVE-2022-3152 affects phpfusion/phpfusion prior to 9.10.20. The issue is described as an unverified password change, enabling account takeover. Connected documents corroborate the vulnerability class as improper/authentication weakness and consistently point to versions before 9.10.20. The remedi...

CVE-2022-3152 Unverified Password Change in phpfusion/phpfusion

Unverified Password Change in GitHub repository phpfusion/phpfusion prior to 9.10.20...

PT-2022-20790 · Unknown · Php-Fusion

Name of the Vulnerable Software and Affected Versions: phpfusion/phpfusion versions prior to 9.10.20 Description: The issue concerns an unverified password change in the GitHub repository phpfusion/phpfusion. Recommendations: For versions prior to 9.10.20, update to version 9.10.20 or later to...

phpfusion 授权问题漏洞

PHPFusion is a Malaysian PHPFusion company based on MySql and PHP open source lightweight content management system . The system contains modules for news, articles and forums. A security vulnerability exists in PHPFusion versions prior to 9.10.20, which stems from an unverified password change...

PHPFusion Cross-Site Scripting Vulnerability (CNVD-2021-101537)

PHPFusion is a lightweight open source content management system. A cross-site scripting vulnerability exists in the descript function in PHPFusion version 9.03.110. An attacker could exploit this vulnerability by appending "//" to the end of the text to conduct a cross-site scripting attack...

PHPFusion Arbitrary File Upload Vulnerability

PHPFusion is a lightweight open source content management system. An arbitrary file upload vulnerability exists in PHPFusion version 9.03.110. The vulnerability stems from the File Manager feature in the admin panel not filtering PHP extensions. An attacker can exploit this vulnerability to uploa...

PHPFusion Remote Code Execution Vulnerability

PHPFusion is a lightweight open source content management system. A remote code execution vulnerability exists in PHPFusion version 9.03.110. The vulnerability can be exploited to achieve remote code execution by inserting malicious php code or php files into a zip file and uploading it to the...

CVE-2021-40189

PHPFusion 9.03.110 is affected by a remote code execution vulnerability. The theme function will extract a file to "webroot/themes/Theme Folder, where an attacker can access and execute arbitrary code...

CVE-2021-40188

PHPFusion 9.03.110 is affected by an arbitrary file upload vulnerability. The File Manager function in admin panel does not filter all PHP extensions such as ".php, .php7, .phtml, .php5, ...". An attacker can upload a malicious file and execute code on the server...

CVE-2021-40189

PHPFusion 9.03.110 is affected by a remote code execution vulnerability. The theme function will extract a file to "webroot/themes/Theme Folder, where an attacker can access and execute arbitrary code...