CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Php-Fusion: Security Vulnerabilities

CVE-2007-5187

SQL injection vulnerability in infusions/calendar_events_panel/show_single.php in the Expanded Calendar 2.x module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the sel parameter.

CVSS Score

7.5

EPSS Score

0.007

Published

2007-10-03

CVE-2007-3559

Cross-site scripting (XSS) vulnerability in infusions/shoutbox_panel/shoutbox_panel.php in PHP-Fusion 6.01.10 and 6.01.9, when guest posts are enabled, allows remote authenticated users to inject arbitrary web script or HTML via the URI, related to the FUSION_QUERY constant.

CVSS Score

3.5

EPSS Score

0.003

Published

2007-07-04

Page 7

Vulnerabilities

Vulnerable Software

Php-Fusion: Security Vulnerabilities

Products

Pricing

Contact Us