Phpfusion
by PHP-Fusion
CVEs (77)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-23178 | PHP-Fusion / Phpfusion | Med | 0.35 | 5.4 | 0.01 | | Jul 2, 2021 | An issue exists in PHP-Fusion 9.03.50 where session cookies are not deleted once a user logs out, allowing for an attacker to perform a session replay attack and impersonate the victim user. |
| CVE-2020-23658 | PHP-Fusion / Phpfusion | Med | 0.35 | 5.4 | 0.00 | | Aug 26, 2020 | PHP-Fusion 9.03.60 is affected by Cross Site Scripting (XSS) via infusions/member_poll_panel/poll_admin.php. |
| CVE-2020-17449 | PHP-Fusion / Phpfusion | Med | 0.35 | 5.4 | 0.01 | | Aug 12, 2020 | PHP-Fusion 9.03 allows XSS via the error_log file. |
| CVE-2020-12718 | PHP-Fusion / Phpfusion | Med | 0.35 | 5.4 | 0.01 | | May 8, 2020 | In administration/comments.php in PHP-Fusion 9.03.50, an authenticated attacker can take advantage of a stored XSS vulnerability in the Preview Comment feature. The protection mechanism can be bypassed by using HTML event handlers such as ontoggle. |
| CVE-2020-12438 | PHP-Fusion / Phpfusion | Med | 0.35 | 5.4 | 0.01 | | Apr 28, 2020 | An XSS vulnerability exists in the banners.php page of PHP-Fusion 9.03.50. This can be exploited because the only security measure used against XSS is the stripping of SCRIPT tags. A malicious actor can use HTML event handlers to run JavaScript instead of using SCRIPT tags. |
| CVE-2020-23702 | PHP-Fusion / Phpfusion | Med | 0.31 | 4.8 | 0.01 | | Jul 7, 2021 | Cross Site Scripting (XSS) vulnerability in PHP-Fusion 9.03.60 via 'New Shout' in /infusions/shoutbox_panel/shoutbox_admin.php. |
| CVE-2020-35687 | PHP-Fusion / Phpfusion | Med | 0.31 | 4.3 | 0.01 | | Jan 13, 2021 | PHPFusion version 9.03.90 is vulnerable to CSRF attack which leads to deletion of all shoutbox messages by the attacker on behalf of the logged in victim. |
| CVE-2020-15041 | PHP-Fusion / Phpfusion | Med | 0.31 | 4.8 | 0.01 | | Jun 24, 2020 | PHP-Fusion 9.03.60 allows XSS via the administration/site_links.php Add Site Link field. |
| CVE-2015-8375 | PHP-Fusion / Phpfusion | Med | 0.28 | 5.4 | 0.01 | | Sep 25, 2017 | Cross-site scripting (XSS) vulnerability in PHP-Fusion 9. |
| CVE-2013-1807 | PHP-Fusion / Phpfusion | | 0.04 | — | 0.08 | | Apr 30, 2014 | PHP-Fusion before 7.02.06 stores backup files with predictable filenames in an unrestricted directory under the web document root, which might allow remote attackers to obtain sensitive information via a direct request to the backup file in administration/db_backups/. |
| CVE-2013-1806 | PHP-Fusion / Phpfusion | | 0.04 | — | 0.08 | | Apr 30, 2014 | Multiple directory traversal vulnerabilities in PHP-Fusion before 7.02.06 allow remote authenticated users to include and execute arbitrary files via a .. (dot dot) in the (1) user_theme parameter to maincore.php; or remote authenticated administrators to delete arbitrary files… |
| CVE-2010-4931 | PHP-Fusion / Phpfusion | | 0.04 | — | 0.16 | | Oct 9, 2011 | Directory traversal vulnerability in maincore.php in PHP-Fusion allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the folder_level parameter. NOTE: this issue has been disputed by a reliable third party. |
| CVE-2006-2330 | PHP-Fusion / Phpfusion | | 0.04 | — | 0.08 | | May 12, 2006 | PHP-Fusion 6.00.306 and earlier, running under Apache HTTP Server 1.3.27 and PHP 4.3.3, allows remote authenticated users to upload files of arbitrary types using a filename that contains two or more extensions that ends in an assumed-valid extension such as .gif, which bypasses… |
| CVE-2005-2075 | PHP-Fusion / Phpfusion | | 0.04 | — | 0.07 | | Jun 29, 2005 | PHP-Fusion 5.0 and 6.0 stores the database file with a predictable filename under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to the filename in the administration/db_backups directory… |
| CVE-2004-1724 | PHP-Fusion / Phpfusion | | 0.04 | — | 0.07 | | Aug 18, 2004 | The ReadMe First.txt file in PHP-Fusion 4.0 instructs users to set the permissions on the fusion_admin/db_backups directory to world read/write/execute (777), which allows remote attackers to download or view database backups, which have easily guessable filenames and contain… |
| CVE-2014-8596 | PHP-Fusion / Phpfusion | | 0.03 | — | 0.03 | | Nov 17, 2014 | Multiple SQL injection vulnerabilities in PHP-Fusion 7.02.07 allow remote authenticated users to execute arbitrary SQL commands via the (1) submit_id parameter in a 2 action to files/administration/submissions.php or (2) status parameter to files/administration/members.php. |
| CVE-2013-7375 | PHP-Fusion / Phpfusion | | 0.03 | — | 0.04 | | May 5, 2014 | SQL injection vulnerability in includes/classes/Authenticate.class.php in PHP-Fusion 7.02.01 through 7.02.05 allows remote attackers to execute arbitrary SQL commands via the user ID in a user cookie, a different vulnerability than CVE-2013-1803. |
| CVE-2013-1803 | PHP-Fusion / Phpfusion | | 0.03 | — | 0.04 | | May 5, 2014 | Multiple SQL injection vulnerabilities in PHP-Fusion before 7.02.06 allow remote attackers to execute arbitrary SQL commands via the (1) orderby parameter to downloads.php; or remote authenticated users with certain permissions to execute arbitrary SQL commands via a (2)… |
| CVE-2013-1804 | PHP-Fusion / Phpfusion | | 0.03 | — | 0.04 | | Apr 29, 2014 | Multiple cross-site scripting (XSS) vulnerabilities in PHP-Fusion before 7.02.06 allow remote attackers to inject arbitrary web script or HTML via the (1) highlight parameter to forum/viewthread.php; or remote authenticated users with certain permissions to inject arbitrary web… |
| CVE-2012-6043 | PHP-Fusion / Phpfusion | | 0.03 | — | 0.02 | | Nov 26, 2012 | Cross-site scripting (XSS) vulnerability in downloads.php in PHP-Fusion 7.02.04 allows remote attackers to inject arbitrary web script or HTML via the cat_id parameter. |
Page 2 of 4