Total
45 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-5733 | 1 Php-fusion | 2 Php-fusion, Team Impact Ti Blog System Module | 2024-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in blog.php in the Team Impact TI Blog System mod for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-5946 | 1 Php-fusion | 1 Php-fusion | 2024-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in readmore.php in PHP-Fusion 4.01 allows remote attackers to execute arbitrary SQL commands via the news_id parameter. | |||||
| CVE-2009-0831 | 1 Php-fusion | 2 Members Cv Module, Php-fusion | 2024-02-04 | 6.0 MEDIUM | N/A |
| SQL injection vulnerability in members.php in the Members CV (job) module 1.0 for PHP-Fusion, when magic_quotes_gpc is disabled, allows remote authenticated users to execute arbitrary SQL commands via the sortby parameter. | |||||
| CVE-2008-5197 | 1 Php-fusion | 1 Php-fusion | 2024-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in classifieds.php in PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the lid parameter in a detail_adverts action. | |||||
| CVE-2007-3559 | 1 Php-fusion | 1 Php-fusion | 2024-02-04 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in infusions/shoutbox_panel/shoutbox_panel.php in PHP-Fusion 6.01.10 and 6.01.9, when guest posts are enabled, allows remote authenticated users to inject arbitrary web script or HTML via the URI, related to the FUSION_QUERY constant. | |||||