Description

Cross-site scripting (XSS) vulnerability in downloads.php in PHP-Fusion 7.02.04 allows remote attackers to inject arbitrary web script or HTML via the cat_id parameter.

Remediation

References

CVE-2012-6043

Related Vulnerabilities

WordPress Plugin WP Maps-Display Google Maps Perfectly with Ease Cross-Site Request Forgery (4.0.9)

Apache HTTP Server Other Vulnerability (CVE-1999-1293)

Envoy Proxy Excessive Iteration Vulnerability (CVE-2021-39204)

WebLogic CVE-2019-2824 Vulnerability (CVE-2019-2824)

Jenkins Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-21692)

Severity

Medium

Classification

CVE-2012-6043 CWE-707

Tags

Missing Update Known Vulnerabilities