PT-2004-2607 · Fusion · Fusion News
Name of the Vulnerable Software and Affected Versions: Fusion News version 3.6.1 Description: The issue allows remote attackers to add user accounts if the administrator is logged in. This can be achieved by including an img bbcode tag in a comment that calls index.php with the signup action. The...