Phpfusion

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2020-37152 MEDIUM POC This Month

PHP-Fusion 9.03.50 panels.php is vulnerable to cross-site scripting (XSS) via the 'panel_content' POST parameter. The application fails to properly sanitize user input before rendering it in the browser, allowing attackers to inject arbitrary JavaScript. [CVSS 6.1 MEDIUM]

PHP XSS Phpfusion

NVD Exploit-DB

CVSS 3.1

6.1

EPSS

0.0%

CVE-2020-37137 MEDIUM POC This Month

PHP-Fusion 9.03.50 contains a remote code execution vulnerability in the 'add_panel_form()' function that allows attackers to execute arbitrary code through an eval() function with unsanitized POST data. [CVSS 6.1 MEDIUM]

PHP RCE Phpfusion

NVD Exploit-DB

CVSS 3.1

6.1

EPSS

0.1%

CVE-2020-37152

EPSS 0% CVSS 6.1

MEDIUM POC This Month

PHP-Fusion 9.03.50 panels.php is vulnerable to cross-site scripting (XSS) via the 'panel_content' POST parameter. The application fails to properly sanitize user input before rendering it in the browser, allowing attackers to inject arbitrary JavaScript. [CVSS 6.1 MEDIUM]

PHP XSS Phpfusion

NVD Exploit-DB

CVE-2020-37137

EPSS 0% CVSS 6.1

MEDIUM POC This Month

PHP-Fusion 9.03.50 contains a remote code execution vulnerability in the 'add_panel_form()' function that allows attackers to execute arbitrary code through an eval() function with unsanitized POST data. [CVSS 6.1 MEDIUM]

PHP RCE Phpfusion

NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy