SQL injection vulnerability in PHP-Fusion 6.00.200 through 6.00.300 allows remote attackers to execute arbitrary SQL commands via the ratings parameter in multiple scripts, such as ratings_include.php.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Php_fusion | Php_fusion | 6.00.200 (including) | 6.00.200 (including) |
Php_fusion | Php_fusion | 6.00.206 (including) | 6.00.206 (including) |
Php_fusion | Php_fusion | 6.00.207 (including) | 6.00.207 (including) |
Php_fusion | Php_fusion | 6.00.300 (including) | 6.00.300 (including) |