HomePhp-FusionCVE-2013-7375

CVE-2013-7375

UNKNOWN
7.5CVSS
Published: 2014-05-05
Updated: 2025-04-12
AI Analysis

Description

SQL injection vulnerability in includes/classes/Authenticate.class.php in PHP-Fusion 7.02.01 through 7.02.05 allows remote attackers to execute arbitrary SQL commands via the user ID in a user cookie, a different vulnerability than CVE-2013-1803.

CVSS Metrics

Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
Access Vector
network
Access Cmplx
low
Auth
none
Confidentiality
partial
Integrity
partial
Availability
partial
Weaknesses
CWE-89

Metadata

Primary Vendor
PHP-FUSION
Published
5/5/2014
Last Modified
4/12/2025
Source
NIST NVD
Note: Verify all details with official vendor sources before applying patches.

Affected Products

php-fusion : php-fusionphp-fusion : php-fusionphp-fusion : php-fusionphp-fusion : php-fusionphp-fusion : php-fusion

AI-Powered Remediation

Generate remediation guidance or a C-suite brief for this vulnerability.

Executive Intelligence Brief

View on NIST NVD
CVE-CVE-2013-7375 | UNKNOWN Severity | CVEDatabase.com | CVEDatabase.com