CNNVD-202601-5066 Information
CNNVD ID
CNNVD-202601-5066
Related CVE
- CNNVD Published: 2026-01-30
Description (Chinese)
PHPFusion是马来西亚PHPFusion公司的一套基于MySql和PHP的开源轻量级内容管理系统。该系统包含新闻、文章和论坛等模块。 PHPFusion 9.03.50版本存在跨站脚本漏洞,该漏洞源于print.php页面未正确清理用户提交的消息内容,可能导致存储型跨站脚本攻击。
Description (English)
PHPFusion is an open-source lightweight content management system based on MySql and PHP by PHP Malaysia. The system contains modules such as news, articles and forums. PHPFusion version 9.03.50 contains a cross-site script loophole, which stems from the incorrect clean-up of information submitted by users on the print.php page and may result in a storage-type cross-site script attack.
Hazard Level
High
Vulnerability Type
跨站脚本
Affected Vendor
PHPFusion
Published
2026-01-30
Last Modified
2026-02-24
References
https://www.exploit-db.com/exploits/48497 https://www.php-fusion.co.uk/home.php https://www.php-fusion.co.uk/php_fusion_9_downloads.php https://www.vulncheck.com/advisories/phpfusion-persistent-cross-site-scripting
Share on: