PHPFusion Cross-Site Scripting Vulnerability (CNVD-2021-101537)

PHPFusion is a lightweight open source content management system. A cross-site scripting vulnerability exists in the descript function in PHPFusion version 9.03.110. An attacker could exploit this vulnerability by appending "//" to the end of the text to conduct a cross-site scripting attack...

CVE-2021-40541

PHPFusion 9.03.110 is affected by cross-site scripting XSS in the preg patterns filter html tag without "//" in descript function An authenticated user can trigger XSS by appending "//" in the end of text...

Phpfusion 代码问题漏洞

PHPFusion is a lightweight open source content management system. An arbitrary file upload vulnerability exists in PHPFusion version 9.03.110. The vulnerability stems from the File Manager feature in the admin panel not filtering PHP extensions. An attacker can exploit this vulnerability to uploa...

PHPFusion 代码问题漏洞

PHPFusion is a lightweight open source content management system. A remote code execution vulnerability exists in PHPFusion version 9.03.110. The vulnerability can be exploited to achieve remote code execution by inserting malicious php code or php files into a zip file and uploading it to the...

Phpfusion 跨站脚本漏洞

PHPFusion is a lightweight open source content management system. A cross-site scripting vulnerability exists in the descript function in PHPFusion version 9.03.110. An attacker could exploit this vulnerability by appending "//" to the end of the text to conduct a cross-site scripting attack...

Phpfusion 跨站脚本漏洞

Phpfusion is a lightweight content management system from Phpfusion UK. PHPFusion 9.03.110 suffers from a cross-site scripting vulnerability that can be exploited by an attacker to inject arbitrary web script or HTML...