
XSS vulnerability patch
Pi3cH has reported a cross-site-scripting vulnerability. PHPFusion does not properly validate user-supplied input passed by the log-in form in 'user_info_panel.php'.

A remote user can access the target user's cookies (including authentication cookies), if any, associated with the site running the PHPFusion software, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user. It's believed this is related to the new login system I plan to implement officially in v5.02, but have made available as a mod for v5.01. The details are not exact so I have added a security fix to v5.01 to close this vulnerability. I know this must be annoying for everyone, especially as this is the 3rd security issue inside a month.

You must ensure that you update the file fusion_core.php; you can get the very latest file from the service pack, which is available from the downloads area. The SourceForge files have also been updated. If you prefer to update manually, please click Read More for details. Thanks to Pi3cH at PersianHacker.NET for the heads up.

If you wish to update manually you will need to edit fusion_core.php and make the following changes:

Look for the following line, located after line 150: if (isset($_POST['login'])) {

$result = dbquery("SELECT * FROM ".$fusion_prefix."users WHERE user_name='".$_POST['user_name']."' and user_password=md5('".$_POST['user_pass']."')");




Replace the above code with these 4 lines:

$user_name = stripinput($_POST['user_name']);
$user_pass = md5($_POST['user_pass']);
if (!preg_match("/^[-0-9A-Z_@\s]+$/i", $user_name)) { header("Location: ".FUSION_BASE."index.php"); exit; }
$result = dbquery("SELECT * FROM ".$fusion_prefix."users WHERE user_name='$user_name' and user_password='$user_pass'");
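
The allow-list check from the replacement code, run against constructed user names. This is an added example, not PHPFusion code: `login_name_ok` is a hypothetical helper, and the stricter pattern is a suggestion that goes beyond the patch.

```php
<?php
// Added example, not PHPFusion code. Helper and constant names are hypothetical.

// The pattern used by the patch: letters, digits, '-', '_', '@' and whitespace.
const PATCH_PATTERN = "/^[-0-9A-Z_@\s]+$/i";

// Stricter variant (assumption, not in the patch): \A and \z anchor to the true
// start and end of the string, and only a plain space is allowed, so tabs and
// newlines are rejected.
const STRICT_PATTERN = '/\A[-0-9A-Z_@ ]+\z/i';

function login_name_ok(string $name, string $pattern = PATCH_PATTERN): bool
{
    return preg_match($pattern, $name) === 1;
}

// Constructed sample input: label => submitted user_name value.
$samples = [
    'plain name'       => 'Falk',
    'name with space'  => 'site admin',
    'e-mail address'   => 'user@example.com',
    'HTML markup'      => '<b>Falk</b>',
    'apostrophe'       => "O'Brien",
    'empty string'     => '',
    'trailing newline' => "Falk\n",
    'embedded tab'     => "Fa\tlk",
];

printf("%-18s %-6s %-6s\n", 'input', 'patch', 'strict');
foreach ($samples as $label => $value) {
    printf(
        "%-18s %-6s %-6s\n",
        $label,
        login_name_ok($value) ? 'pass' : 'reject',
        login_name_ok($value, STRICT_PATTERN) ? 'pass' : 'reject'
    );
}
```

With the patch's pattern the trailing-newline and embedded-tab names pass, because `\s` matches any whitespace and `$` also matches before a final newline; the stricter pattern rejects both.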



Falk March 19 2005