VYPR

Phpfusion

by PHP-Fusion

CVEs (77)

  • CVE-2020-23178 · Medium · Jul 2, 2021
    risk 0.35 · cvss 5.4 · epss 0.01

    An issue exists in PHP-Fusion 9.03.50 where session cookies are not deleted once a user logs out, allowing an attacker to perform a session replay attack and impersonate the victim user.

  • CVE-2020-23658 · Medium · Aug 26, 2020
    risk 0.35 · cvss 5.4 · epss 0.00

    PHP-Fusion 9.03.60 is affected by Cross Site Scripting (XSS) via infusions/member_poll_panel/poll_admin.php.

  • CVE-2020-17449 · Medium · Aug 12, 2020
    risk 0.35 · cvss 5.4 · epss 0.01

    PHP-Fusion 9.03 allows XSS via the error_log file.

  • CVE-2020-12718 · Medium · May 8, 2020
    risk 0.35 · cvss 5.4 · epss 0.01

    In administration/comments.php in PHP-Fusion 9.03.50, an authenticated attacker can take advantage of a stored XSS vulnerability in the Preview Comment feature. The protection mechanism can be bypassed by using HTML event handlers such as ontoggle.

  • CVE-2020-12438 · Medium · Apr 28, 2020
    risk 0.35 · cvss 5.4 · epss 0.01

    An XSS vulnerability exists in the banners.php page of PHP-Fusion 9.03.50. This can be exploited because the only security measure used against XSS is the stripping of SCRIPT tags. A malicious actor can use HTML event handlers to run JavaScript instead of using SCRIPT tags.

  • CVE-2020-23702 · Medium · Jul 7, 2021
    risk 0.31 · cvss 4.8 · epss 0.01

    Cross Site Scripting (XSS) vulnerability in PHP-Fusion 9.03.60 via 'New Shout' in /infusions/shoutbox_panel/shoutbox_admin.php.

  • CVE-2020-35687 · Medium · Jan 13, 2021
    risk 0.31 · cvss 4.3 · epss 0.01

    PHPFusion version 9.03.90 is vulnerable to a CSRF attack that lets an attacker delete all shoutbox messages on behalf of the logged-in victim.

  • CVE-2020-15041 · Medium · Jun 24, 2020
    risk 0.31 · cvss 4.8 · epss 0.01

    PHP-Fusion 9.03.60 allows XSS via the administration/site_links.php Add Site Link field.

  • CVE-2015-8375 · Medium · Sep 25, 2017
    risk 0.28 · cvss 5.4 · epss 0.01

    Cross-site scripting (XSS) vulnerability in PHP-Fusion 9.

  • CVE-2013-1807 · Apr 30, 2014
    risk 0.04 · cvss (not listed) · epss 0.08

    PHP-Fusion before 7.02.06 stores backup files with predictable filenames in an unrestricted directory under the web document root, which might allow remote attackers to obtain sensitive information via a direct request to the backup file in administration/db_backups/.

  • CVE-2013-1806 · Apr 30, 2014
    risk 0.04 · cvss (not listed) · epss 0.08

    Multiple directory traversal vulnerabilities in PHP-Fusion before 7.02.06 allow remote authenticated users to include and execute arbitrary files via a .. (dot dot) in the (1) user_theme parameter to maincore.php; or remote authenticated administrators to delete arbitrary files…

  • CVE-2010-4931 · Oct 9, 2011
    risk 0.04 · cvss (not listed) · epss 0.16

    Directory traversal vulnerability in maincore.php in PHP-Fusion allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the folder_level parameter. NOTE: this issue has been disputed by a reliable third party.

  • CVE-2006-2330 · May 12, 2006
    risk 0.04 · cvss (not listed) · epss 0.08

    PHP-Fusion 6.00.306 and earlier, running under Apache HTTP Server 1.3.27 and PHP 4.3.3, allows remote authenticated users to upload files of arbitrary types using a filename that contains two or more extensions that ends in an assumed-valid extension such as .gif, which bypasses…

  • CVE-2005-2075 · Jun 29, 2005
    risk 0.04 · cvss (not listed) · epss 0.07

    PHP-Fusion 5.0 and 6.0 stores the database file with a predictable filename under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to the filename in the administration/db_backups directory…

  • CVE-2004-1724 · Aug 18, 2004
    risk 0.04 · cvss (not listed) · epss 0.07

    The ReadMe First.txt file in PHP-Fusion 4.0 instructs users to set the permissions on the fusion_admin/db_backups directory to world read/write/execute (777), which allows remote attackers to download or view database backups, which have easily guessable filenames and contain…

  • CVE-2014-8596 · Nov 17, 2014
    risk 0.03 · cvss (not listed) · epss 0.03

    Multiple SQL injection vulnerabilities in PHP-Fusion 7.02.07 allow remote authenticated users to execute arbitrary SQL commands via the (1) submit_id parameter in a 2 action to files/administration/submissions.php or (2) status parameter to files/administration/members.php.

  • CVE-2013-7375 · May 5, 2014
    risk 0.03 · cvss (not listed) · epss 0.04

    SQL injection vulnerability in includes/classes/Authenticate.class.php in PHP-Fusion 7.02.01 through 7.02.05 allows remote attackers to execute arbitrary SQL commands via the user ID in a user cookie, a different vulnerability than CVE-2013-1803.

  • CVE-2013-1803 · May 5, 2014
    risk 0.03 · cvss (not listed) · epss 0.04

    Multiple SQL injection vulnerabilities in PHP-Fusion before 7.02.06 allow remote attackers to execute arbitrary SQL commands via the (1) orderby parameter to downloads.php; or remote authenticated users with certain permissions to execute arbitrary SQL commands via a (2)…

  • CVE-2013-1804 · Apr 29, 2014
    risk 0.03 · cvss (not listed) · epss 0.04

    Multiple cross-site scripting (XSS) vulnerabilities in PHP-Fusion before 7.02.06 allow remote attackers to inject arbitrary web script or HTML via the (1) highlight parameter to forum/viewthread.php; or remote authenticated users with certain permissions to inject arbitrary web…

  • CVE-2012-6043 · Nov 26, 2012
    risk 0.03 · cvss (not listed) · epss 0.02

    Cross-site scripting (XSS) vulnerability in downloads.php in PHP-Fusion 7.02.04 allows remote attackers to inject arbitrary web script or HTML via the cat_id parameter.