Unrated severityNVD Advisory· Published Jun 29, 2005· Updated Jun 16, 2026
CVE-2005-2074
CVE-2005-2074
Description
Cross-site scripting (XSS) vulnerability in PHP-Fusion 6.0.105 allows remote attackers to inject arbitrary web script or HTML via a news or article post, possibly involving the (1) news_body, (2) article_description, or (3) article_body parameters to submit.php.
Affected products
2cpe:2.3:a:php_fusion:php_fusion:6.0.105:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:php_fusion:php_fusion:6.0.105:*:*:*:*:*:*:*
- (no CPE)range: =6.0.105
Patches
Vulnerability mechanics
References
4- dark-assassins.com/forum/viewtopic.phpnvdPatchURL Repurposed
- secunia.com/advisories/15830nvdPatchVendor Advisory
- www.securityfocus.com/bid/14066nvd
- www.vupen.com/english/advisories/2005/0888nvd
News mentions
0No linked articles in our index yet.