October 28 2005 · Security
v6.00.205 - Multiple exploit fixes
Files Updated: I've discovered two potential problems in infusions -> shoutbox_panel -> shoutbox_archive.php and the new news.php script. For…
By Falk
Read More
Files Updated: I've discovered two potential problems in infusions -> shoutbox_panel -> shoutbox_archive.php and the new news.php script. For…
Following a Secunia advisory (PHPFusion "msg_send" SQL Injection Vulnerability) I have released an updated messages.php script for existing PHPFusion…
Another XSS exploit has been discovered that allows a malicious user to steal your cookie. Thankfully it was rather easy…
I have been alerted to some sql injection exploits in PHPFusion's private message system. The problem is that certain…
The recent img bbcode patchfixed one problem but it is still exploitable under certain conditions. I have been working on…
Two security flaws have recently been discovered in the bb code parsing by two of our users. Grindordie found that…
As you know a flaw was discovered recently which allows a malicious user to grab any db backup file created…
While I was away an xss exploit was uncovered in the news/article submission functions. The code I had produced…