Every CVE whose affected-product data names Fusionphp Fusion News, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2004-1703 — CVSS 8.8 (high): Fusion News 3.6.1 allows remote attackers to add user accounts, if the administrator is logged in, via a comment that contains an img…
CVE-2006-4240 — CVSS 7.5 (high): PHP remote file inclusion vulnerability in index.php in Fusion News 3.7 allows remote attackers to execute arbitrary PHP code via a URL in…
CVE-2006-3387 — CVSS 5.1 (medium): Directory traversal vulnerability in sources/post.php in Fusion News 1.0, when register_globals is enabled, allows remote attackers to…