Vulnerabilities > CVE-2005-0829 - Unspecified vulnerability in PHP Fusion PHP Fusion 5.01

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
php-fusion
exploit available
NVD
Published: 2005-05-02
Updated: 2016-10-18

Summary

Cross-site scripting (XSS) vulnerability in setuser.php of the Digitanium addon to PHP-Fusion 5.01 allows remote attackers to inject arbitrary web script or HTML via the (1) user_name or (2) user_pass parameters.

Vulnerable Configurations

Part Description Count
Application
Php_Fusion
1

Exploit-Db

descriptionPHP-Fusion 4/5 Setuser.PHP HTML Injection Vulnerability. CVE-2005-0829. Webapps exploit for php platform
idEDB-ID:25241
last seen2016-02-03
modified2005-03-19
published2005-03-19
reporterPersianHacker Team
sourcehttps://www.exploit-db.com/download/25241/
titlePHP-Fusion 4/5 Setuser.PHP HTML Injection Vulnerability

References