Show filters
5 Total Results
Displaying 1-5 of 5
Sort by:
Attacker Value
Unknown
CVE-2008-5946
Disclosure Date: January 22, 2009 (last updated October 04, 2023)
SQL injection vulnerability in readmore.php in PHP-Fusion 4.01 allows remote attackers to execute arbitrary SQL commands via the news_id parameter.
0
Attacker Value
Unknown
CVE-2005-2783
Disclosure Date: September 02, 2005 (last updated February 22, 2025)
Cross-site scripting (XSS) vulnerability in PHP-Fusion 6.00.107 and earlier allows remote attackers to inject arbitrary web script or HTML via nested, malformed URL BBCode tags.
0
Attacker Value
Unknown
CVE-2005-2401
Disclosure Date: July 27, 2005 (last updated February 22, 2025)
PHP-Fusion allows remote attackers to inject arbitrary Cascading Style Sheets (CSS) via the BBCode color tag.
0
Attacker Value
Unknown
CVE-2004-2438
Disclosure Date: December 31, 2004 (last updated February 22, 2025)
Cross-site scripting (XSS) vulnerability in PHP-Fusion 4.01 allows remote attackers to inject arbitrary web script or HTML via the (1) Submit News, (2) Submit Link or (3) Submit Article field.
0
Attacker Value
Unknown
CVE-2004-2437
Disclosure Date: December 31, 2004 (last updated February 22, 2025)
SQL injection vulnerability in PHP-Fusion 4.01 allows remote attackers to execute arbitrary SQL commands via the rowstart parameter to (1) index.php or (2) members.php, or (3) the comment_id parameter to comments.php.
0
