PHP-Fusion versions 6.00.206 and below suffer from SQL injection attacks.
5c759a854ef640ac086d20a4e6915f62b1f78fc833f667effd143990303e0ff0
PHPFusion version 9.10.30 suffers from a persistent cross site scripting vulnerability.
aa251886281d962736d5731f2bc3b96ee2197a77f04ca5b9d031c9023887dfbc
PHPFusion version 9.03.50 suffers from a remote code execution vulnerability.
0c1ea73a71c985e2370b23c0a29caa04d041fd12d0eccc6de21797149b8536e6
PHP-Fusion version 9.03.90 suffers from a cross site request forgery vulnerability.
e3cbe03265f3fd59ae2beb47eb8cd8d894c3dc1d155ac8ae7a8565e32ce238fd
PHP-Fusion version 9.03.60 suffers from a PHP object injection vulnerability.
5383acba2c3cd45f7cc3223b5af3fe592644b62ab6fd29c75bc0a912e99554fa
PHP-Fusion version 9.03.60 PHP object injection to SQL injection pre-authentication exploit.
9499083374865e6afdcc98bbc3435e3e7b6d82a57f0a3486fba8428713cc05ed
PHP-Fusion version 9.03.50 has been found susceptible to additional methods of persistent cross site scripting. Initial findings in this version were discovered by SunCSR.
c6b9922795d11a23e3b4151c57c54613d48ea125dc0bc2b428d1acbb0c0f9f47
PHP-Fusion version 9.03.50 suffers from a remote SQL injection vulnerability.
d2a2f741c4189f3700f85b4e00d3baa56b4e1ee69a08f580698e405352fb6b50
PHP-Fusion version 9.03.50 suffers from a persistent cross site scripting vulnerability.
93888b7013296958415c64c90fe2338b37bbb4b8f83c1c8cd6184a3d0aee8baa
PHP-Fusion version 9.03.50 suffers from an arbitrary file upload vulnerability.
69aa4aacb58fc312485978e341d93b5ea3b1cb194a17714065b2bf439c337cd5
PHP-Fusion CMS versions 9 through 9.03 suffer from multiple cross site scripting vulnerabilities.
30ba65e62713fe6095418decd4abb733bd8f2877feb82c9d1595e96fc2c03f2a
This Metasploit module exploits a command execution vulnerability in PHP-Fusion versions 9.03.00 and below. It is possible to execute commands in the system with ordinary user authority.
f3a52a3d14252043e24c4033fb9468a3f180a732dde81b0cd6a71ae559187ee5
PHP-Fusion versions 7.02.07 and below suffer from a remote blind SQL injection vulnerability in the admin panel.
2d3631f3cae71c6c00737d58613810035ce43dc14bb280fe68f78f41a9cf3de0
PHP Fusion version 7.02.07 suffers from cross site scripting and clickjacking vulnerabilities.
4e0ec6b93aac8c53a81e3922fd688dfe14281a406bdb924428669bd6475647e5
PHP-Fusion version 7.02.07 suffers from a remote SQL injection vulnerability.
2249d0cca1dcee7f7c100fe42427bb2711d8fd3554f226cd372966d7f53926fa
PHP-Fusion version 7.02.05 suffers from insecure backup handling, cross site scripting, local file inclusion, and remote SQL injection vulnerabilities.
fa7b586afe0a410a0efe0520e47423439ff8a65220c5db6358b160d972751277
PHP-Fusion CMS versions 7.02.01 through 7.02.05 suffer from a remote SQL injection vulnerability.
8af2eceb6310de34f105ac3f1d63fa473bc238e02647218b091b5fa4cd42959e
Secunia Security Advisory - Sammy Forgit has discovered a vulnerability in the Advanced MP3 Player module for PHP-Fusion, which can be exploited by malicious people to compromise a vulnerable system.
e3872883589e948f5ab26057b52953a554ab7a2a836bb9741a27a3301a8003d6
PHP-Fusion version 7.02.04 suffers from a remote SQL injection vulnerability in weblinks.php.
336cf42e8dc8faa6b50900fe87f736405e406fd222446974eea37d4c2c4ef253
PHP-Fusion 7.02.04 suffers from a cross site scripting vulnerability.
d3fa48892279929207c6c0d350c856e79a114ac17d04c18897ca3d20f5cf4aca
Secunia Security Advisory - MustLive has discovered a vulnerability in the Cumulus infusion for PHP-Fusion, which can be exploited by malicious people to conduct cross-site scripting attacks.
21cbe1facedc6e1cd5a84d359a72177907e666ab9055eee455c3c49d72c03108
PHP-Fusion suffers from a cross site scripting vulnerability in articles.php.
d6addf3f49505b4061a412e772b58ac59cc9f3ac2291dbda5be8637c96c5bc83
PHP-Fusion suffers from a remote SQL injection vulnerability in articles.php.
1e1218fb24d5fd9d67bc988c8b7188245376f6bbc33d32817feecd7eb42dadfc
Secunia Security Advisory - A vulnerability has been discovered in Auto Database System module for PHP-Fusion, which can be exploited by malicious people to conduct SQL injection attacks.
152fe5b90710e20c0333515fc904ef84c091ebda62ec04c109f66cefcb5100b2
PHP-Fusion Auto Database System version 1.0 Infusion suffers from a remote SQL injection vulnerability.
707572eda0949f9187d7f0eb4227494189e0f6d0dd2ddc05a645688c48d316b8
Secunia Security Advisory - A vulnerability has been discovered in Teams Structure module for PHP-Fusion, which can be exploited by malicious people to conduct SQL injection attacks.
48d2d6ec8a1defc529b3344ca59978232e828337ea35338cbb944392b2c075bf