PHP-Fusion 9.03.60
Approved changes feed: RSS · Atom
cpe:2.3:a:php-fusion:php-fusion:9.03.60:*:*:*:*:*:*:*
part: a version: 9.03.60 update: *
| Vendor | Php Fusion (9882a299-fb6b-5a33-aa4e-52dbde0ad700) |
|---|---|
| Product | Php Fusion (c30bafad-3859-5c09-a722-eecfce5287ee) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/phpfusion/phpfusion |
purl2cpe | 2026-06-01 10:15:01.254388 |
pkg:sourceforge/product/php-fusion |
purl2cpe | 2026-06-01 10:15:01.254389 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2020-23702 |
vulnerable | 2026-06-08 05:22:32.056467 |
Details available
Cross Site Scripting (XSS) vulnerability in PHP-Fusion 9.03.60 via 'New Shout' in /infusions/shoutbox_panel/shoutbox_admin.php.
Published: 2021-07-07T18:56:55.000Z
Updated: 2024-08-04T15:05:10.249Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-23658 |
vulnerable | 2026-06-08 05:22:32.041248 |
Details available
PHP-Fusion 9.03.60 is affected by Cross Site Scripting (XSS) via infusions/member_poll_panel/poll_admin.php.
Published: 2020-08-26T17:11:38.000Z
Updated: 2024-08-04T14:58:15.161Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-23185 |
vulnerable | 2026-06-08 05:22:31.808579 |
Details available
A stored cross site scripting (XSS) vulnerability in /administration/setting_security.php of PHP-Fusion 9.03.60 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload.
Published: 2021-07-02T17:51:16.000Z
Updated: 2024-08-04T14:58:14.580Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-23184 |
vulnerable | 2026-06-08 05:22:31.808157 |
Details available
A stored cross site scripting (XSS) vulnerability in /administration/settings_registration.php of PHP-Fusion 9.03.60 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Registration" field.
Published: 2021-07-02T17:51:14.000Z
Updated: 2024-08-04T14:58:14.403Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-23182 |
vulnerable | 2026-06-08 05:22:31.807750 |
Details available
The component /php-fusion/infusions/shoutbox_panel/shoutbox_archive.php in PHP-Fusion 9.03.60 allows attackers to redirect victim users to malicious websites via a crafted payload entered into the Shoutbox message panel.
Published: 2021-07-02T17:51:11.000Z
Updated: 2024-08-04T14:58:15.055Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-23181 |
vulnerable | 2026-06-08 05:22:31.807217 |
Details available
A reflected cross site scripting (XSS) vulnerability in /administration/theme.php of PHP-Fusion 9.03.60 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Manage Theme" field.
Published: 2021-07-02T17:51:09.000Z
Updated: 2024-08-04T14:58:14.645Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-15041 |
vulnerable | 2026-06-08 05:19:25.159081 |
Details available
PHP-Fusion 9.03.60 allows XSS via the administration/site_links.php Add Site Link field.
Published: 2020-06-24T20:33:34.000Z
Updated: 2024-08-04T13:00:52.165Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.