Description

A SQL injection vulnerability in PHP-Fusion 9.03.50 affects the endpoint administration/comments.php via the ctype parameter,

Remediation

References

CVE-2020-14960

Related Vulnerabilities

MyBB Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-43281)

XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-37909)

WordPress Plugin FV Flowplayer Video Player Multiple Vulnerabilities (7.3.14.727)

WordPress Plugin Custom Post View Generator Cross-Site Scripting (0.4.6)

WordPress Plugin Schema App Structured Data Unspecified Vulnerability (0.5.4)

Severity

High

Classification

CVE-2020-14960 CWE-138 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities