PHP-Fusion 6.00.109 SQL injection

Description
  1. Input passed to the "activate" parameter in "register.php" and the "cat_id" parameter in "faq.php" isn't properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
  2. Input passed to the "srch_text" parameter in "messages.php" isn't properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
  Confirmed in version 6.00.109. Other versions may also be affected.
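As an added detection example (not part of this advisory and not PHP-Fusion's own code), the Python below scans web server access log lines in common log format for requests that feed quotes, comment sequences or SQL keywords into the three parameters named above. It assumes "cat_id" should be a plain integer, and the log lines are constructed samples.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote_plus

# Endpoint -> parameters named in the advisory.
WATCHED = {
    "/register.php": {"activate"},
    "/faq.php": {"cat_id"},
    "/messages.php": {"srch_text"},
}
NUMERIC = {"cat_id"}  # assumption: a category id should only ever be digits

# Crude indicators of SQL tampering in a free-form value. Plain words such as
# "or"/"and" are deliberately left out: they are normal in a message search.
SQLI_RE = re.compile(r"""['"\\;]|--|/\*|\b(union\s+select|sleep\s*\(|benchmark\s*\()""", re.I)

# Common log format: client, identd, user, [timestamp], "request line", status.
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3})')

def suspicious_params(target):
    """Return {param: decoded value} for watched parameters that look tampered with."""
    parts = urlsplit(target)
    params = WATCHED.get(parts.path)
    if not params:
        return {}
    hits = {}
    for name, values in parse_qs(parts.query, keep_blank_values=True).items():
        if name not in params:
            continue
        for value in values:
            value = unquote_plus(value)  # second decode catches double-encoded input
            if name in NUMERIC and not value.isdigit():
                hits[name] = value
            elif name not in NUMERIC and SQLI_RE.search(value):
                hits[name] = value
    return hits

def scan_log(lines):
    """Return (client ip, request target, suspicious params) for each flagged line."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if m and (hits := suspicious_params(m["target"])):
            findings.append((m["ip"], m["target"], hits))
    return findings

# Constructed sample log lines; only two should be flagged.
SAMPLE_LOG = [
    '10.0.0.5 - - [12/Mar/2006:10:00:01 +0000] "GET /faq.php?cat_id=3 HTTP/1.1" 200 512',
    '10.0.0.5 - - [12/Mar/2006:10:00:02 +0000] "GET /faq.php?cat_id=3%27 HTTP/1.1" 200 512',
    '10.0.0.9 - - [12/Mar/2006:10:00:03 +0000] "GET /register.php?activate=abc123 HTTP/1.1" 200 900',
    '10.0.0.9 - - [12/Mar/2006:10:00:04 +0000] "GET /messages.php?srch_text=hello%20world HTTP/1.1" 200 700',
    '10.0.0.9 - - [12/Mar/2006:10:00:05 +0000] "GET /messages.php?srch_text=x%27+UNION+SELECT+1 HTTP/1.1" 200 700',
    '10.0.0.7 - - [12/Mar/2006:10:00:06 +0000] "GET /news.php?readmore=1%27 HTTP/1.1" 200 300',
]
```

Requests to pages the advisory does not name (the "/news.php" line) are left alone, so the output stays focused on the affected parameters rather than on every quote character in the log.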
Remediation
  • Update to version 6.00.110 or higher.
References