Ifusionservices : Security Vulnerabilities, CVEs,
SQL injection vulnerability in members_search.php in iFusion Services iFdate 2.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the name field.
Max CVSS
6.8
EPSS Score
0.06%
Published
2009-08-28
Updated
2017-09-29
ifdate 2.x sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote attackers to obtain administrative access via a direct request for the admin/ URI.
Max CVSS
10.0
EPSS Score
2.17%
Published
2007-05-16
Updated
2018-10-16
Multiple cross-site scripting (XSS) vulnerabilities in iFlance 1.1 allow remote attackers to inject arbitrary web script or HTML via certain inputs to (1) acc_verify.php or (2) project.php.
Max CVSS
4.3
EPSS Score
0.57%
Published
2006-05-30
Updated
2018-10-18
3 vulnerabilities found