CVE-2013-1803

Name of the Vulnerable Software and Affected Versions PHP-Fusion versions prior to 7.02.06

Description The issue allows remote attackers to execute arbitrary SQL commands via various parameters in different PHP files, including the orderby parameter to "downloads.php", and several parameters in "forum/postedit.php", "forum/postnewthread.php", "administration/settings messages.php", "administration/settings photo.php", "administration/bbcodes.php", "administration/news.php", and "administration/articles.php". The vulnerable parameters include delete attach in "forum/postedit.php", poll opts[] in "forum/postnewthread.php", pm email notify, pm save sent, pm inbox, pm sentbox, and pm savebox in "administration/settings messages.php", thumb compression, photo watermark text color1, photo watermark text color2, and photo watermark text color3 in "administration/settings photo.php", enable in "administration/bbcodes.php", news image, news image t1, and news image t2 in "administration/news.php", news id in "administration/news.php", and article id in "administration/articles.php".

Recommendations For PHP-Fusion versions prior to 7.02.06, update to version 7.02.06 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable parameters and API endpoints until a patch is applied. Avoid using the vulnerable parameters in the affected API endpoints, such as orderby in "downloads.php", delete attach in "forum/postedit.php", poll opts[] in "forum/postnewthread.php", and others, until the issue is resolved.