deviance

6 exploits Active since Apr 2021
CVE-2021-28280 WRITEUP MEDIUM WRITEUP
phpfusion 9.03.110 - Cross-Site Request Forgery and Cross-Site Scripting in search.php
CSRF + Cross-site scripting (XSS) vulnerability in search.php in PHPFusion 9.03.110 allows remote attackers to inject arbitrary web script or HTML
CVSS 6.1
CVE-2021-28280 WRITEUP MEDIUM WRITEUP
phpfusion 9.03.110 - Cross-Site Request Forgery and Cross-Site Scripting in search.php
CSRF + Cross-site scripting (XSS) vulnerability in search.php in PHPFusion 9.03.110 allows remote attackers to inject arbitrary web script or HTML
CVSS 6.1
CVE-2021-28280 WRITEUP MEDIUM WRITEUP
phpfusion 9.03.110 - Cross-Site Request Forgery and Cross-Site Scripting in search.php
CSRF + Cross-site scripting (XSS) vulnerability in search.php in PHPFusion 9.03.110 allows remote attackers to inject arbitrary web script or HTML
CVSS 6.1
CVE-2021-28280 WRITEUP MEDIUM WRITEUP
phpfusion 9.03.110 - Cross-Site Request Forgery and Cross-Site Scripting in search.php
CSRF + Cross-site scripting (XSS) vulnerability in search.php in PHPFusion 9.03.110 allows remote attackers to inject arbitrary web script or HTML
CVSS 6.1
CVE-2021-3172 WRITEUP HIGH WRITEUP
php-fusion 9.03.90-9.09.99 - Authenticated Distributed Denial of Service via Polling Feature
An issue in Php-Fusion v9.03.90 fixed in v9.10.00 allows authenticated attackers to cause a Distributed Denial of Service via the Polling feature.
CVSS 8.1
CVE-2022-3152 WRITEUP HIGH WRITEUP
phpfusion < 9.10.20 - Unverified Password Change
Unverified Password Change in GitHub repository phpfusion/phpfusion prior to 9.10.20.
CVSS 8.8