Filtered by vendor Fusiondirectory
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-32807 | 1 Fusiondirectory | 1 Fusiondirectory | 2025-07-12 | 5.3 Medium |
| A path traversal vulnerability in FusionDirectory before 1.5 allows remote attackers to read arbitrary files on the host that end with .png (and .svg or .xpm for some configurations) via the icon parameter of a GET request to geticon.php. | ||||
| CVE-2022-36180 | 1 Fusiondirectory | 1 Fusiondirectory | 2025-04-29 | 9.6 Critical |
| Fusiondirectory 1.3 is vulnerable to Cross Site Scripting (XSS) via /fusiondirectory/index.php?message=[injection], /fusiondirectory/index.php?message=invalidparameter&plug={Injection], /fusiondirectory/index.php?signout=1&message=[injection]&plug=106. | ||||
| CVE-2022-36179 | 1 Fusiondirectory | 1 Fusiondirectory | 2025-04-29 | 9.8 Critical |
| Fusiondirectory 1.3 suffers from Improper Session Handling. | ||||
Page 1 of 1.