Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
Php-fusionPhpfusion

2 matches found

CVE
CVEadded 2021/10/11 7:15 p.m.35 views

CVE-2021-40189

PHPFusion 9.03.110 is affected by a remote code execution vulnerability. The theme function will extract a file to "webroot/themes/{Theme Folder], where an attacker can access and execute arbitrary code.

7.2CVSS7.5AI score0.01953EPSS
CVE
CVEadded 2021/10/11 7:15 p.m.34 views

CVE-2021-40188

PHPFusion 9.03.110 is affected by an arbitrary file upload vulnerability. The File Manager function in admin panel does not filter all PHP extensions such as ".php, .php7, .phtml, .php5, ...". An attacker can upload a malicious file and execute code on the server.

7.2CVSS7.2AI score0.00833EPSS