Fusionphp : Security Vulnerabilities, CVEs, (Directory traversal)
Directory traversal vulnerability in sources/post.php in Fusion News 1.0, when register_globals is enabled, allows remote attackers to include arbitrary files via a .. (dot dot) sequence in the fil_config parameter, which can be used to execute PHP code that has been injected into a log file.
Max CVSS
5.1
EPSS Score
1.43%
Published
2006-07-06
Updated
2017-10-19
1 vulnerabilities found