Back to search
CVE-2005-3158
Published: Oct 6, 2005
Modified: Aug 7, 2024
PUBLISHED
Description
SQL injection vulnerability in messages.php in PHP-Fusion 6.00.106 and 6.00.107 allows remote attackers to execute arbitrary SQL commands via the (1) pm_email_notify and (2) pm_save_sent parameters, a different vulnerability than CVE-2005-3157 and CVE-2005-3159.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20050929 Re: PHP-Fusion v6.00.109 SQL Injection / admin|users credentials
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now