CVSS: 9.8EPSS: 1%CPEs: 10EXPL: 0CVE-2005-3161
https://notcve.org/view.php?id=CVE-2005-3161
06 Oct 2005 — Multiple SQL injection vulnerabilities in PHP-Fusion before 6.00.110 allow remote attackers to execute arbitrary SQL commands via (1) the activate parameter in register.php and (2) the cat_id parameter in faq.php. • http://secunia.com/advisories/17055 •
CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 2CVE-2005-2783 – PHP-Fusion 4.0/5.0/6.0 - BBCode URL Tag Script Injection
https://notcve.org/view.php?id=CVE-2005-2783
02 Sep 2005 — Cross-site scripting (XSS) vulnerability in PHP-Fusion 6.00.107 and earlier allows remote attackers to inject arbitrary web script or HTML via nested, malformed URL BBCode tags. • https://www.exploit-db.com/exploits/26209 •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2005-2401
https://notcve.org/view.php?id=CVE-2005-2401
27 Jul 2005 — PHP-Fusion allows remote attackers to inject arbitrary Cascading Style Sheets (CSS) via the BBCode color tag. PHP-Fusion permite que atacantes remotos inyecten CSS arbitrario mediante el tag de color BBCode. • http://secunia.com/advisories/16096 •