Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

PHPFusion Security Vulnerabilities

cve
cve

CVE-2023-2453

There is insufficient sanitization of tainted file names that are directly concatenated with a path that is subsequently passed to a ‘require_once’ statement. This allows arbitrary files with the ‘.php’ extension for which the absolute path is known to be included and executed. There are no known.....

8.8CVSS

8.6AI Score

0.001EPSS

2023-09-05 03:15 PM
14
cve
cve

CVE-2023-4480

Due to an out-of-date dependency in the “Fusion File Manager” component accessible through the admin panel, an attacker can send a crafted request that allows them to read the contents of files on the system accessible within the privileges of the running process. Additionally, they may write...

5.5CVSS

5.4AI Score

0.001EPSS

2023-09-05 03:15 PM
16
cve
cve

CVE-2022-3152

Unverified Password Change in GitHub repository phpfusion/phpfusion prior to...

8.8CVSS

8.7AI Score

0.001EPSS

2022-09-07 03:15 PM
24
5