CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Php Fusion: >> Php Fusion >> 6.0.307 Security Vulnerabilities

CVE-2006-4673

Global variable overwrite vulnerability in maincore.php in PHP-Fusion 6.01.4 and earlier uses the extract function on the superglobals, which allows remote attackers to conduct SQL injection attacks via the _SERVER[REMOTE_ADDR] parameter to news.php.

CVSS Score

2.6

EPSS Score

0.006

Published

2006-09-11

Page 1

Vulnerabilities

Vulnerable Software

Php Fusion: >> Php Fusion >> 6.0.307 Security Vulnerabilities

Products

Pricing

Contact Us