Sign in Subscribe

← All advisories

Unrated severityNVD Advisory· Published Jul 27, 2005· Updated Apr 16, 2026

CVE-2005-2401

CVE-2005-2401

Description

PHP-Fusion allows remote attackers to inject arbitrary Cascading Style Sheets (CSS) via the BBCode color tag.

Affected products

6

PHP-Fusion/PHP Fusion6 versions
cpe:2.3:a:php_fusion:php_fusion:4.00:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:php_fusion:php_fusion:4.00:*:*:*:*:*:*:*
- cpe:2.3:a:php_fusion:php_fusion:4.01:*:*:*:*:*:*:*
- cpe:2.3:a:php_fusion:php_fusion:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:php_fusion:php_fusion:5.01_service_pack:*:*:*:*:*:*:*
- cpe:2.3:a:php_fusion:php_fusion:6.0.105:*:*:*:*:*:*:*
- cpe:2.3:a:php_fusion:php_fusion:6.0.106:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

3

secunia.com/advisories/16096nvdVendor Advisory
www.osvdb.org/18111nvd
www.securityfocus.com/bid/14332nvd

News mentions

0

No linked articles in our index yet.