CVE-2005-4517

Published: Dec 28, 2005Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

SQL injection vulnerability in PHP-Fusion 6.00.200 through 6.00.300 allows remote attackers to execute arbitrary SQL commands via the ratings parameter in multiple scripts, such as ratings_include.php.

Affected (4)

Products: Php Fusion: Php Fusion

Php Fusion

1 product

Php Fusion

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Php Fusion Php Fusion	Version 6.00.200
Php Fusion Php Fusion	Version 6.00.206
Php Fusion Php Fusion	Version 6.00.207
Php Fusion Php Fusion	Version 6.00.300

References (10)

http://secunia.com/advisories/18190/

Source: cve@mitre.org

Vendor Advisory

http://securityreason.com/securityalert/272

Source: cve@mitre.org

http://www.osvdb.org/22049

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/420109/100/0/threaded

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2005/3063

Source: cve@mitre.org

http://secunia.com/advisories/18190/