8 matches found
CVE-2020-37152
PHP-Fusion 9.03.50 panels.php is vulnerable to cross-site scripting XSS via the 'panelcontent' POST parameter. The application fails to properly sanitize user input before rendering it in the browser, allowing attackers to inject arbitrary JavaScript. This can be exploited by submitting crafted...
EUVD-2020-30963
PHPFusion 9.03.50 contains a persistent cross-site scripting vulnerability in the print.php page that fails to properly sanitize user-submitted message content. Attackers can inject malicious JavaScript through forum messages that will execute when the print page is generated, allowing script...
PHPFusion cross-site scripting vulnerabilities
PHPFusion is an open-source, lightweight content management system developed by Malaysia-based PHPFusion Company, based on MySQL and PHP. This system includes modules for news, articles, and forums. Version PHPFusion 9.03.50 contains a cross-site scripting vulnerability. This vulnerability arises...
PHP-Fusion 跨站脚本漏洞
Php-fusion PHP-Fusion is an open source lightweight content management system based on MySql and PHP from Malaysia-based PHP-Fusion Php-fusion. A cross-site scripting vulnerability exists in PHP-Fusion version 9.03.50, which originates in the infusions/memberpollpanel/polladmin.php page and lacks...
PHP-Fusion SQL Injection Vulnerability (CNVD-2020-52839)
PHP-Fusion is a Malaysian PHP-Fusion company based on MySql and PHP open source lightweight content management system . The system contains modules such as news, articles and forums. A SQL injection vulnerability exists in the administration/comments.php endpoint in PHP-Fusion version 9.03.50. Th...
PHP-Fusion Cross-Site Scripting Vulnerability
PHP-Fusion is a Malaysian PHP-Fusion company based on MySql and PHP open source lightweight content management system . The system contains modules such as news, articles and forums. A cross-site scripting vulnerability exists in PHP-Fusion version 9.03.50. The vulnerability stems from the lack o...
PHP-Fusion SQL Injection Vulnerability (CNVD-2020-27781)
PHP-Fusion is a Malaysian company PHP-Fusion open source lightweight content management system based on MySql and PHP . The system contains modules such as news, articles and forums. A SQL injection vulnerability exists in PHP-Fusion version 9.03.50. The vulnerability stems from a lack of...
PHP-Fusion cross-site scripting vulnerability (CNVD-2021-26414)
PHP-Fusion is a Malaysian company PHP-Fusion open source lightweight content management system based on MySql and PHP . The system contains modules such as news, articles and forums. A cross-site scripting vulnerability exists in the banners.php file in PHP-Fusion version 9.03.50. The vulnerabili...