CVSS: 9.0EPSS: 42%CPEs: 1EXPL: 2CVE-2019-12099 – PHP-Fusion 9.03.00 - 'Edit Profile' Remote Code Execution
https://notcve.org/view.php?id=CVE-2019-12099
14 May 2019 — In PHP-Fusion 9.03.00, edit_profile.php allows remote authenticated users to execute arbitrary code because includes/dynamics/includes/form_fileinput.php and includes/classes/PHPFusion/Installer/Lib/Core.settings.inc mishandle executable files during avatar upload. En PHP-Fusion versión 9.03.00, el archivo edit_profile.php permite a los usuarios autenticados remotamente ejecutar código arbitrario porque includes/dynamics/includes/form_fileinput.php y includes/classes/PHPFusion/Installer/Lib/Core.settings.in... • https://www.exploit-db.com/exploits/46839 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 8.8EPSS: 5%CPEs: 5EXPL: 1CVE-2013-1803 – PHP-Fusion 7.02.05 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2013-1803
05 May 2014 — Multiple SQL injection vulnerabilities in PHP-Fusion before 7.02.06 allow remote attackers to execute arbitrary SQL commands via the (1) orderby parameter to downloads.php; or remote authenticated users with certain permissions to execute arbitrary SQL commands via a (2) parameter name starting with "delete_attach_" in an edit action to forum/postedit.php; the (3) poll_opts[] parameter in a newthread action to forum/postnewthread.php; the (4) pm_email_notify, (5) pm_save_sent, (6) pm_inbox, (7) pm_sentbox, ... • https://www.exploit-db.com/exploits/24562 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.5EPSS: 19%CPEs: 5EXPL: 3CVE-2013-1806 – PHP-Fusion 7.02.05 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2013-1806
30 Apr 2014 — Multiple directory traversal vulnerabilities in PHP-Fusion before 7.02.06 allow remote authenticated users to include and execute arbitrary files via a .. (dot dot) in the (1) user_theme parameter to maincore.php; or remote authenticated administrators to delete arbitrary files via the (2) enable parameter to administration/user_fields.php or (3) file parameter to administration/db_backup.php. Múltiples vulnerabilidades de salto de directorio en PHP-Fusion anterior a 7.02.06 permiten a usuarios remotos aute... • https://www.exploit-db.com/exploits/24562 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 23%CPEs: 5EXPL: 3CVE-2013-1807 – PHP-Fusion 7.02.05 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2013-1807
30 Apr 2014 — PHP-Fusion before 7.02.06 stores backup files with predictable filenames in an unrestricted directory under the web document root, which might allow remote attackers to obtain sensitive information via a direct request to the backup file in administration/db_backups/. PHP-Fusion anterior a 7.02.06 almacena archivos de copia de seguridad con nombres de archivo previsibles en un directorio no restringido bajo el root de documento web, lo que podría permitir a atacantes remotos obtener información sensible a t... • https://www.exploit-db.com/exploits/24562 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.4EPSS: 11%CPEs: 5EXPL: 1CVE-2013-1804 – PHP-Fusion 7.02.05 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2013-1804
29 Apr 2014 — Multiple cross-site scripting (XSS) vulnerabilities in PHP-Fusion before 7.02.06 allow remote attackers to inject arbitrary web script or HTML via the (1) highlight parameter to forum/viewthread.php; or remote authenticated users with certain permissions to inject arbitrary web script or HTML via the (2) user_list or (3) user_types parameter to messages.php; (4) message parameter to infusions/shoutbox_panel/shoutbox_admin.php; (5) message parameter to administration/news.php; (6) panel_list parameter to adm... • https://www.exploit-db.com/exploits/24562 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 3CVE-2008-5946 – PHP-Fusion 4.01 - 'readmore.php' SQL Injection
https://notcve.org/view.php?id=CVE-2008-5946
22 Jan 2009 — SQL injection vulnerability in readmore.php in PHP-Fusion 4.01 allows remote attackers to execute arbitrary SQL commands via the news_id parameter. Vulnerabilidad de inyección SQL en readmore.php en PHP-Fusion 4.01 permite a atacantes remotos ejecutar comandos SQL de su elección mediante el parámetro news_id. • https://www.exploit-db.com/exploits/32242 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 2CVE-2005-3159 – PHP-Fusion 4.0/5.0/6.0 - 'messages.php' SQL Injection
https://notcve.org/view.php?id=CVE-2005-3159
06 Oct 2005 — SQL injection vulnerability in messages.php in PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the msg_view parameter, a different vulnerability than CVE-2005-3157 and CVE-2005-3158. • https://www.exploit-db.com/exploits/26102 •
CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 2CVE-2005-2783 – PHP-Fusion 4.0/5.0/6.0 - BBCode URL Tag Script Injection
https://notcve.org/view.php?id=CVE-2005-2783
02 Sep 2005 — Cross-site scripting (XSS) vulnerability in PHP-Fusion 6.00.107 and earlier allows remote attackers to inject arbitrary web script or HTML via nested, malformed URL BBCode tags. • https://www.exploit-db.com/exploits/26209 •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2005-2401
https://notcve.org/view.php?id=CVE-2005-2401
27 Jul 2005 — PHP-Fusion allows remote attackers to inject arbitrary Cascading Style Sheets (CSS) via the BBCode color tag. PHP-Fusion permite que atacantes remotos inyecten CSS arbitrario mediante el tag de color BBCode. • http://secunia.com/advisories/16096 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2004-2437
https://notcve.org/view.php?id=CVE-2004-2437
31 Dec 2004 — SQL injection vulnerability in PHP-Fusion 4.01 allows remote attackers to execute arbitrary SQL commands via the rowstart parameter to (1) index.php or (2) members.php, or (3) the comment_id parameter to comments.php. • http://secunia.com/advisories/12686 •