Vulnerabilities > PHP Fusion > PHP Fusion > 4.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-02 | CVE-2005-0345 | Unspecified vulnerability in PHP Fusion PHP Fusion 4.0 viewthread.php in php-fusion 4.x does not check the (1) forum_id or (2) forum_cat parameters, which allows remote attackers to view protected forums via the thread_id parameter. | 5.0 |
| 2004-08-18 | CVE-2004-1724 | Information Disclosure vulnerability in PHP Fusion PHP Fusion 4.0 The ReadMe First.txt file in PHP-Fusion 4.0 instructs users to set the permissions on the fusion_admin/db_backups directory to world read/write/execute (777), which allows remote attackers to download or view database backups, which have easily guessable filenames and contain the administrator username and password. | 7.5 |