Vulnerabilities > CVE-2005-4516 - Cross-Site Scripting vulnerability in PHP-Fusion Members.PHP
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Multiple cross-site scripting (XSS) vulnerabilities in PHP-Fusion 6.00.200 through 6.00.300 allow remote attackers to inject arbitrary web script or HTML via (1) the sortby parameter in members.php and (2) IMG tags.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 6 |
Exploit-Db
description | PHP-Fusion 6.0 Members.PHP Cross-Site Scripting Vulnerability. CVE-2005-4516. Webapps exploit for php platform |
id | EDB-ID:26872 |
last seen | 2016-02-03 |
modified | 2005-12-19 |
published | 2005-12-19 |
reporter | krasza |
source | https://www.exploit-db.com/download/26872/ |
title | PHP-Fusion 6.0 Members.PHP Cross-Site Scripting Vulnerability |