September 30 2005 · Security
Vulnerability in Private Messages
Following a Secunia advisory (PHPFusion "msg_send" SQL Injection Vulnerability) I have released an updated messages.php script for existing PHPFusion…
By Falk
Read MoreFollowing a Secunia advisory (PHPFusion "msg_send" SQL Injection Vulnerability) I have released an updated messages.php script for existing PHPFusion…
Another XSS exploit has been discovered that allows a malicious user to steal your cookie. Thankfully it was rather easy…
I have been alerted to some sql injection exploits in PHPFusion's private message system. The problem is that certain…
The recent img bbcode patchfixed one problem but it is still exploitable under certain conditions. I have been working on…
Two security flaws have recently been discovered in the bb code parsing by two of our users. Grindordie found that…
As you know a flaw was discovered recently which allows a malicious user to grab any db backup file created…
While I was away an xss exploit was uncovered in the news/article submission functions. The code I had produced…