Multiple SQL injection vulnerabilities in the ExecuteQueries function in private/system/classes/listfactory.class.php in glFusion 1.1.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) order and (2) direction parameters to search.php.
Max CVSS
7.5
EPSS Score
0.12%
Published
2010-04-22
Updated
2018-10-10
glFusion before 1.1.3 performs authentication with a user-provided password hash instead of a password, which allows remote attackers to gain privileges by obtaining the hash and using it in the glf_password cookie, aka "User Masquerading." NOTE: this can be leveraged with a separate SQL injection vulnerability to steal hashes.
Max CVSS
6.8
EPSS Score
0.48%
Published
2009-04-09
Updated
2017-09-29
SQL injection vulnerability in private/system/lib-session.php in glFusion 1.1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the glf_session cookie parameter.
Max CVSS
7.5
EPSS Score
0.48%
Published
2009-04-09
Updated
2017-09-29
3 vulnerabilities found