Vulnerability Details CVE-2020-14960
A SQL injection vulnerability in PHP-Fusion 9.03.50 affects the endpoint administration/comments.php via the ctype parameter,
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 59.3%
CVSS Severity
CVSS v3 Score 7.2
CVSS v2 Score 6.5
References
- https://github.com/php-fusion/PHP-Fusion/commit/b3bde37f60e96f1a8ddd1439658307b28be77db5
- https://github.com/php-fusion/PHP-Fusion/issues/2327
- https://www.exploit-db.com/exploits/48487
- https://github.com/php-fusion/PHP-Fusion/commit/b3bde37f60e96f1a8ddd1439658307b28be77db5
- https://github.com/php-fusion/PHP-Fusion/issues/2327
- https://www.exploit-db.com/exploits/48487
Products affected by CVE-2020-14960
-
cpe:2.3:a:php-fusion:php-fusion:9.03.50