Show filters
86 Total Results
Displaying 41-50 of 86
Sort by:
Attacker Value
Unknown

CVE-2008-6850

Disclosure Date: July 07, 2009 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in messages.php in PHP-Fusion 6.01.17 and 7.00.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
0
0
Attacker Value
Unknown

CVE-2009-0831

Disclosure Date: March 05, 2009 (last updated October 04, 2023)
SQL injection vulnerability in members.php in the Members CV (job) module 1.0 for PHP-Fusion, when magic_quotes_gpc is disabled, allows remote authenticated users to execute arbitrary SQL commands via the sortby parameter.
0
0
Attacker Value
Unknown

CVE-2008-5946

Disclosure Date: January 22, 2009 (last updated October 04, 2023)
SQL injection vulnerability in readmore.php in PHP-Fusion 4.01 allows remote attackers to execute arbitrary SQL commands via the news_id parameter.
0
0
Attacker Value
Unknown

CVE-2008-5733

Disclosure Date: December 26, 2008 (last updated October 04, 2023)
SQL injection vulnerability in blog.php in the Team Impact TI Blog System mod for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the id parameter.
0
0
Attacker Value
Unknown

CVE-2008-5335

Disclosure Date: December 05, 2008 (last updated October 04, 2023)
SQL injection vulnerability in messages.php in PHP-Fusion 6.01.15 and 7.00.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the subject and msg_send parameters, a different vector than CVE-2005-3157, CVE-2005-3158, CVE-2005-3159, CVE-2005-4005, and CVE-2006-2459.
0
0
Attacker Value
Unknown

CVE-2008-5197

Disclosure Date: November 21, 2008 (last updated October 04, 2023)
SQL injection vulnerability in classifieds.php in PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the lid parameter in a detail_adverts action.
0
0
Attacker Value
Unknown

CVE-2008-5196

Disclosure Date: November 21, 2008 (last updated October 04, 2023)
SQL injection vulnerability in kroax.php in the Kroax (the_kroax) 4.42 and earlier module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the category parameter.
0
0
Attacker Value
Unknown

CVE-2008-5074

Disclosure Date: November 14, 2008 (last updated October 04, 2023)
SQL injection vulnerability in index.php in the Freshlinks 1.0 RC1 module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the linkid parameter.
0
0
Attacker Value
Unknown

CVE-2008-4521

Disclosure Date: October 09, 2008 (last updated October 04, 2023)
SQL injection vulnerability in thisraidprogress.php in the World of Warcraft tracker infusion (raidtracker_panel) module 2.0 for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the INFO_RAID_ID parameter.
0
0
Attacker Value
Unknown

CVE-2008-4527

Disclosure Date: October 09, 2008 (last updated October 04, 2023)
SQL injection vulnerability in recept.php in the Recepies (Recept) module 1.1 for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the kat_id parameter in a kategorier action. NOTE: some of these details are obtained from third party information.
0
0
View More Topics  < Previous  Next >